-
Notifications
You must be signed in to change notification settings - Fork 2.4k
Port forwarding
Robin edited this page Jan 17, 2020
·
9 revisions
Let's say you have a VPN server and a webserver. The webserver is connected to the VPN server. You want to be able to access the webserver from the VPN server.
The first step is to give the client a static IP. You can read about that here. I entered ifconfig-push 192.168.254.1 192.168.254.2. For a second server, you could enter ifconfig-push 192.168.254.3 192.168.254.4 and so on.
Test that your webserver is working inside the container (without any ports being forwarded):
wget -O - 192.168.254.1:8080
Add a port mapping to your docker command or compose file:
ports:
- '1194:1194/udp'
- '127.0.0.1:8080:8080'then docker-compose up -d openvpn
Port forward using IP tables (in the container):
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 8080 -j DNAT --to 192.168.254.1:8080 iptables -A FORWARD -p tcp -d 192.168.254.1 --dport 8080 -j ACCEPT
This routes everything on eth0 port 8080 to 192.168.254.1:8080. I don't understand iptables but this works and you can edit this to go to a different IP or use different ports. For UDP change tcp to udp.
Now exit the container and test from outside:
wget -O - 192.168.254.1:8080
Mobile phone with IP Webcam connected to VPN on a VPS, accessible through the VPS without doing any port forwarding on my home network!
