VPS: How to forward traffic to devices from public IP
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
My goal is to set up a public IP for a Android Smartphone which is running an "IP Cam" software. The interface can be accessed in local network on (example) 192.168.0.2:8080, but it has no public IP, as it should also work in the 3G network.
I know there are services which offer a VPN with static dedicated addresses; the free one I found offers only PPTP with IPv6 (didn't work).
The rest of them offer IPv4 for much higher cost than an actual VPS at Host1Plus with the lowest specs, so I went with this. At least I can practice and/or use the VPS for other projects. I followed this tutorial.
Now I am at the point where I created a new user, assigned a static VPN Address in the OpenVPN Admin Panel to the account, and logged in with my device.
Everything works so far. My android device gets the public IP of the VPS while browsing.
I can ping the device's private VPN IP in the ssh terminal of the VPS.
What is the next step?
I tried this, but it doesn't really work. I am lost at this point. I never did anything with routes or forwarding.
If I enter the public VPS IP right now, I get the openVPN Login Form as before. If I enter [PublicVPSIP]:8080 I get a "Server not reachable etc." error.
At the end it should work like this.
Android (running some service at port 8080) (VPN IP: 1.2.3.4)
▼
connects via openVPN to my VPS
▼
VPS (running openVPN Server) (Public IP: 123.123.123.123)
▼
Traffic from visitor at 123.123.123.123:8080 should be redirected/forwarded to my android device. (1.2.3.4:8080)
centos routing vpn openvpn forwarding
add a comment |
up vote
1
down vote
favorite
My goal is to set up a public IP for a Android Smartphone which is running an "IP Cam" software. The interface can be accessed in local network on (example) 192.168.0.2:8080, but it has no public IP, as it should also work in the 3G network.
I know there are services which offer a VPN with static dedicated addresses; the free one I found offers only PPTP with IPv6 (didn't work).
The rest of them offer IPv4 for much higher cost than an actual VPS at Host1Plus with the lowest specs, so I went with this. At least I can practice and/or use the VPS for other projects. I followed this tutorial.
Now I am at the point where I created a new user, assigned a static VPN Address in the OpenVPN Admin Panel to the account, and logged in with my device.
Everything works so far. My android device gets the public IP of the VPS while browsing.
I can ping the device's private VPN IP in the ssh terminal of the VPS.
What is the next step?
I tried this, but it doesn't really work. I am lost at this point. I never did anything with routes or forwarding.
If I enter the public VPS IP right now, I get the openVPN Login Form as before. If I enter [PublicVPSIP]:8080 I get a "Server not reachable etc." error.
At the end it should work like this.
Android (running some service at port 8080) (VPN IP: 1.2.3.4)
▼
connects via openVPN to my VPS
▼
VPS (running openVPN Server) (Public IP: 123.123.123.123)
▼
Traffic from visitor at 123.123.123.123:8080 should be redirected/forwarded to my android device. (1.2.3.4:8080)
centos routing vpn openvpn forwarding
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
My goal is to set up a public IP for a Android Smartphone which is running an "IP Cam" software. The interface can be accessed in local network on (example) 192.168.0.2:8080, but it has no public IP, as it should also work in the 3G network.
I know there are services which offer a VPN with static dedicated addresses; the free one I found offers only PPTP with IPv6 (didn't work).
The rest of them offer IPv4 for much higher cost than an actual VPS at Host1Plus with the lowest specs, so I went with this. At least I can practice and/or use the VPS for other projects. I followed this tutorial.
Now I am at the point where I created a new user, assigned a static VPN Address in the OpenVPN Admin Panel to the account, and logged in with my device.
Everything works so far. My android device gets the public IP of the VPS while browsing.
I can ping the device's private VPN IP in the ssh terminal of the VPS.
What is the next step?
I tried this, but it doesn't really work. I am lost at this point. I never did anything with routes or forwarding.
If I enter the public VPS IP right now, I get the openVPN Login Form as before. If I enter [PublicVPSIP]:8080 I get a "Server not reachable etc." error.
At the end it should work like this.
Android (running some service at port 8080) (VPN IP: 1.2.3.4)
▼
connects via openVPN to my VPS
▼
VPS (running openVPN Server) (Public IP: 123.123.123.123)
▼
Traffic from visitor at 123.123.123.123:8080 should be redirected/forwarded to my android device. (1.2.3.4:8080)
centos routing vpn openvpn forwarding
My goal is to set up a public IP for a Android Smartphone which is running an "IP Cam" software. The interface can be accessed in local network on (example) 192.168.0.2:8080, but it has no public IP, as it should also work in the 3G network.
I know there are services which offer a VPN with static dedicated addresses; the free one I found offers only PPTP with IPv6 (didn't work).
The rest of them offer IPv4 for much higher cost than an actual VPS at Host1Plus with the lowest specs, so I went with this. At least I can practice and/or use the VPS for other projects. I followed this tutorial.
Now I am at the point where I created a new user, assigned a static VPN Address in the OpenVPN Admin Panel to the account, and logged in with my device.
Everything works so far. My android device gets the public IP of the VPS while browsing.
I can ping the device's private VPN IP in the ssh terminal of the VPS.
What is the next step?
I tried this, but it doesn't really work. I am lost at this point. I never did anything with routes or forwarding.
If I enter the public VPS IP right now, I get the openVPN Login Form as before. If I enter [PublicVPSIP]:8080 I get a "Server not reachable etc." error.
At the end it should work like this.
Android (running some service at port 8080) (VPN IP: 1.2.3.4)
▼
connects via openVPN to my VPS
▼
VPS (running openVPN Server) (Public IP: 123.123.123.123)
▼
Traffic from visitor at 123.123.123.123:8080 should be redirected/forwarded to my android device. (1.2.3.4:8080)
centos routing vpn openvpn forwarding
centos routing vpn openvpn forwarding
edited Dec 5 at 13:28
Jeff Schaller
37.8k1053123
37.8k1053123
asked Apr 3 '15 at 15:35
Georg91
62
62
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
I solved it. For other people with the same problem.
This article helped me: Forward a TCP port to another IP or port using NAT with Iptables
Additionally (as I have no idea if this is enough because of attacks)
I followed this: How to block all ports except ...
Just to block all remaining ports which might be open which I don´t need.
Of course don´t forget to add your SSH port to the exception or you get locked out of your SSH terminal.
Although I am not sure if this is enough to really harden Your VPS against attacks etc. So I am happy about further suggestions
add a comment |
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f194231%2fvps-how-to-forward-traffic-to-devices-from-public-ip%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
I solved it. For other people with the same problem.
This article helped me: Forward a TCP port to another IP or port using NAT with Iptables
Additionally (as I have no idea if this is enough because of attacks)
I followed this: How to block all ports except ...
Just to block all remaining ports which might be open which I don´t need.
Of course don´t forget to add your SSH port to the exception or you get locked out of your SSH terminal.
Although I am not sure if this is enough to really harden Your VPS against attacks etc. So I am happy about further suggestions
add a comment |
up vote
0
down vote
I solved it. For other people with the same problem.
This article helped me: Forward a TCP port to another IP or port using NAT with Iptables
Additionally (as I have no idea if this is enough because of attacks)
I followed this: How to block all ports except ...
Just to block all remaining ports which might be open which I don´t need.
Of course don´t forget to add your SSH port to the exception or you get locked out of your SSH terminal.
Although I am not sure if this is enough to really harden Your VPS against attacks etc. So I am happy about further suggestions
add a comment |
up vote
0
down vote
up vote
0
down vote
I solved it. For other people with the same problem.
This article helped me: Forward a TCP port to another IP or port using NAT with Iptables
Additionally (as I have no idea if this is enough because of attacks)
I followed this: How to block all ports except ...
Just to block all remaining ports which might be open which I don´t need.
Of course don´t forget to add your SSH port to the exception or you get locked out of your SSH terminal.
Although I am not sure if this is enough to really harden Your VPS against attacks etc. So I am happy about further suggestions
I solved it. For other people with the same problem.
This article helped me: Forward a TCP port to another IP or port using NAT with Iptables
Additionally (as I have no idea if this is enough because of attacks)
I followed this: How to block all ports except ...
Just to block all remaining ports which might be open which I don´t need.
Of course don´t forget to add your SSH port to the exception or you get locked out of your SSH terminal.
Although I am not sure if this is enough to really harden Your VPS against attacks etc. So I am happy about further suggestions
edited Mar 20 '17 at 10:18
Community♦
1
1
answered Apr 4 '15 at 8:03
Georg91
62
62
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f194231%2fvps-how-to-forward-traffic-to-devices-from-public-ip%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown