LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   port forwarding to internal network at another location thru lease line (https://www.linuxquestions.org/questions/linux-networking-3/port-forwarding-to-internal-network-at-another-location-thru-lease-line-624686/)

milind19 02-29-2008 03:13 AM
port forwarding to internal network at another location thru lease line
 
First I would like to thank everyone here.

I have two office connected with lease line network.
Main office LAN is 192.168.1.0/24

My Application Server ip is 192.168.1.47 & port is 443.

Lease line router LAN ip is 192.168.1.251 & WAN ip is 10.10.20.1
-----------------------------------------------------------
Both the offices are connected with lease line circuit.
-----------------------------------------------------------
Lease line router LAN ip is 192.168.30.251 & WAN ip is 10.10.20.2

Branch office LAN is 192.168.30.0/24.

I have a Linux firewall installed at Branch office
Linux Firewall LAN ip is 192.168.30.2 & WAN ip is xxx.xxx.xxx.xxx

To connect this firewall to main branch, route is added.
i.e. route add -net 192.168.1.47 netmask 255.255.255.255 gw 192.168.30.251

I wants to do the port forwarding from Linux firewall WAN to Main office application server (port 443) installed at main office.

my firewall script is as follows. Firewall can successfully telnet the port of application server. First of all i dont know this is possible or not, if yes then how?

iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx --dport 443 -j DNAT --to 192.168.1.47:443
iptables -A FORWARD -p tcp -i eth0 -d 192.168.1.47 --dport 443 -j ACCEPT

Thanks in advance.

issinho 02-29-2008 08:53 AM
This might work
 
Okay. when I looked at your IPTABLES config, I thought everything looked fine. I did a quick search, however, and noticed a couple of discrepencies that might be affecting your networking question:

Port Forwarding using Iptables
Since I have been using 2.4 kernel, I use iptables for firewall and NAT. So these are the Iptable rules required for port forwarding xxx.xxx.xxx.xxx:8888 to 192.168.0.2:80 .

/sbin/iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx
--dport 8888 -j DNAT --to 192.168.0.2:80
/sbin/iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.2 --dport 80 -j ACCEPT


This was taken from http://www.hackorama.com/network/portfwd.shtml

These are commands that can be issued directly from the commandline. You might need to specify which eth card the rule applies to. The xxx.xxx.xxx.xxx is the WAN side, by the way.

Hope this helps in some way. If I'm a little off, I'm sure someone will come along and correct me.


All times are GMT -5. The time now is 12:57 PM.