Forward traffic via two OpenVPN connections to two different internal IPs: IPTABLES issue?
Good afternoon to everybody. I have an IPTABLES issue with forwarding
traffic from two OpenVPN connections to two internal servers.
Here below is my interfaces config file:
# The primary network interface
auto enp4s0
iface enp4s0 inet dhcp
# The Virtual NIC
auto enp4s0:0
iface enp4s0:0 inet static
address 192.168.90.1
netmask 255.255.255.0
Running ifconfig:
enp4s0 Link encap:Ethernet HWaddr d0:bf:9c:19:3c:8b
inet addr:192.168.88.10 Bcast:192.168.88.255 Mask:255.255.255.0
enp4s0:0 Link encap:Ethernet HWaddr d0:bf:9c:19:3c:8b
inet addr:192.168.90.1 Bcast:192.168.90.255 Mask:255.255.255.0
tap0 Link encap:Ethernet HWaddr 3a:c9:eb:1d:c6:91
inet addr:192.168.0.196 Bcast:192.168.0.255 Mask:255.255.255.0
tap1 Link encap:Ethernet HWaddr c6:3c:8e:d9:77:39
inet addr:192.168.0.197 Bcast:192.168.0.255 Mask:255.255.255.0
I have two internal servers (192.168.90.10 and 192.168.90.11) and I have to forward traffic in the following way:
192.168.0.196 (tap0) <-> 192.168.90.10
192.168.0.197 (tap1) <-> 192.168.90.11
Actually if I open 192.168.0.196 and/or 192.168.0.197, replies always come from 192.168.90.11.
My rules.v4 file is:
-A FORWARD -i enp4s0:0 -o tap0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap0 -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap1 -j ACCEPT
-A PREROUTING -i tap0 -p tcp -m tcp ! --dport 22 -j DNAT --to-destination 192.168.90.10
-A PREROUTING -i tap0 -p udp -m udp -j DNAT --to-destination 192.168.90.11
-A PREROUTING -i tap1 -p tcp -m tcp ! --dport 22 -j DNAT --to-destination 192.168.90.11
-A PREROUTING -i tap1 -p udp -m udp -j DNAT --to-destination 192.168.91.11
-A POSTROUTING -o tap0 -j MASQUERADE
-A POSTROUTING -o tap1 -j MASQUERADE
What did I misconfigure?
Thanks in advance
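
A consistency check of the rules above against the tap-to-server mapping the post asks for, as an added example that is not part of the original post. The `audit` function and the `INTENDED` table are hypothetical names chosen here; the alias check relies on the fact that iptables `-i`/`-o` match the kernel interface name (enp4s0), while a label such as enp4s0:0 only names an address on that interface.

```python
# Added example: audit iptables-save style rules against an intended DNAT mapping.
# INTENDED and audit() are hypothetical names, not from the post.

# Mapping the post says it wants: ingress interface -> internal server.
INTENDED = {"tap0": "192.168.90.10", "tap1": "192.168.90.11"}

# Sample input: the rules.v4 lines exactly as posted.
RULES = """\
-A FORWARD -i enp4s0:0 -o tap0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap0 -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i enp4s0:0 -o tap1 -j ACCEPT
-A PREROUTING -i tap0 -p tcp -m tcp ! --dport 22 -j DNAT --to-destination 192.168.90.10
-A PREROUTING -i tap0 -p udp -m udp -j DNAT --to-destination 192.168.90.11
-A PREROUTING -i tap1 -p tcp -m tcp ! --dport 22 -j DNAT --to-destination 192.168.90.11
-A PREROUTING -i tap1 -p udp -m udp -j DNAT --to-destination 192.168.91.11
-A POSTROUTING -o tap0 -j MASQUERADE
-A POSTROUTING -o tap1 -j MASQUERADE
"""

WANTED_FLAGS = ("-i", "-o", "-p", "-j", "--to-destination")


def audit(rules_text, intended):
    """Return (line_no, kind, detail) tuples for rules that look inconsistent."""
    findings = []
    for n, line in enumerate(rules_text.splitlines(), 1):
        tok = line.split()
        opts = {tok[i]: tok[i + 1] for i in range(len(tok) - 1)
                if tok[i] in WANTED_FLAGS}
        # Alias labels (name:N) are not netdevices; packets are seen on the
        # parent interface, so a rule matching on the label never fires.
        for flag in ("-i", "-o"):
            if ":" in opts.get(flag, ""):
                findings.append((n, "alias-interface", opts[flag]))
        # Every DNAT rule on an interface should point at that interface's server.
        if opts.get("-j") == "DNAT":
            want = intended.get(opts.get("-i"))
            got = opts.get("--to-destination")
            if want and got != want:
                detail = f"{opts['-i']}/{opts.get('-p')} -> {got}, expected {want}"
                findings.append((n, "dnat-mismatch", detail))
    return findings


if __name__ == "__main__":
    for line_no, kind, detail in audit(RULES, INTENDED):
        print(f"rule {line_no}: {kind}: {detail}")
```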