Skip to content

Port forwarding

Jump to bottom
Ycarus (Yannick Chabanois) edited this page May 11, 2021 · 28 revisions

You can redirect ports < 65000 (port 65000 to 65535 are reserved for OpenMPTCProuter internal usage).

You need to have a VPN set on OpenMPTCProuter (Glorytun TCP by default).

Redirect all ports from VPS to OpenMPTCProuter

This is only needed if you want to redirect all ports. You shouldn't do that.

Use the checkbox in System->OpenMPTCProuter then Advanced settings tab.

Redirect port via V2Ray reverse proxy on OpenMPTCProuter

You must have v2ray selected as proxy in System->Wizard and advanced settings checkbox.

This can only be used for TCP and/or UDP forwarding: Port forwarding using V2Ray

Redirect port via VPN on OpenMPTCProuter

Example to redirect port 80 from the VPS to the IP 192.168.100.1 on the network:

First we have to forward the port. Add a new forward rule in Network->Firewall: Configure it like this:

Port will be automatically redirected from the server to the router.

If you want to redirect to a webserver, we need SNAT here. Add a new SNAT rule: Configure it like this (192.168.100.16 is the destination here):

Debug

  • Check that the VPN is running in System->OpenMPTCProuter and Status tab.
  • Check on the VPS in /etc/shorewall/rules that rules you set are available
  • Check on the VPS in /etc/shorewall/params.vpn that OMR_ADDR is the router side VPN IP (10.255.255.2 for glorytun TCP, the default VPN)
  • Check on the router if packets are coming on port 8080 from the VPN for example: tcpdump -i tun0 port 8080

If all is ok, then packets come to the router. Set a SNAT rule if not already done else check your firewall rules.

Home

Install

Configuration

Technologies

Clone this wiki locally