Port Forwarding through VPN

Forums › IT Pro and developers › Port Forwarding through VPN

amatson

6 posts

Wannabe Geek

#138245 26-Dec-2013 22:16

Hopefully someone here can help me

I live in a apartment block where we share the internet connection, so i am unable to do any port forwarding.

But I have a server that is co-located in the auckland city. I have a permanent VPN link to it from my apartment.

Just wondering if i can port forward from my pc at home through the vpn to the outside world, I've tried, and it gets as far as the server in the city. but it wont reach the outside world.

I'm using RRAS

Sharesies kids

Affiliate link

Affiliate link: Free kids accounts - trade shares and funds (NZ, US) with Sharesies.

timmmay

18502 posts

Uber Geek

Trusted

Subscriber

#957770 27-Dec-2013 06:17

What are you trying to achieve? Port forwarding is a means to an end, not something you're trying to achieve. There may be an easier way.

freitasm

BDFL - Memuneh
73980 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#957923 27-Dec-2013 11:50

Tim's question is right on...

"Port Forward" is something we do for incoming connections. It seems you are trying to actually do outgoing connections via your VPN to the server ("wondering if i can port forward from my pc at home through the vpn to the outside world, I've tried, and it gets as far as the server in the city. but it wont reach the outside world.")

Once we know what you want to do then answering become easier.

Are you happy with Geekzone? Consider subscribing or making a donation.

freitasm on Keybase | My technology disclosure

amatson

6 posts

Wannabe Geek

#957926 27-Dec-2013 12:00

guess i didn't explain it to well

I want to forward port 3389 from my servers public IP address in the city, through the VPN, to the VPN Client in my apartment. so i can RDP to the VPN Client using my servers public IP address

is it possible?

timmmay

18502 posts

Uber Geek

Trusted

Subscriber

#957927 27-Dec-2013 12:07

"RDP to the VPN client" - huh? The VPN client is on your PC.

Tell us what you're trying to achieve, not how you're planning on doing it. Do you want to control your server over the VPN? Securely download work files? Run bittorrent to download your linux ISOs securely?

freitasm

BDFL - Memuneh
73980 posts

Uber Geek

Administrator

ID Verified

Trusted

Geekzone

Lifetime subscriber

#957928 27-Dec-2013 12:11

You want to remote access your home PC by using an incoming connection forwarded from your server, since you can't configure ports in your LAN, correct?

Forget about it. Just install LogmeIn Free or TeamViewer and no port forward needed.

Are you happy with Geekzone? Consider subscribing or making a donation.

freitasm on Keybase | My technology disclosure

amatson

6 posts

Wannabe Geek

#957929 27-Dec-2013 12:15

Correct. I was using RDP as an example. there are some other ports i would like forwarded as well if possible.

Zeon

3860 posts

Uber Geek

Trusted

#957931 27-Dec-2013 12:30

Yes it would be possible although I'm not sure with RRAS. E.g. just thinking in pfsense you could put the address pool for a VPN as public IP space that has been routed to that PFsense. It would be a waste of space though but then your home PC would have a public IP. Just do your torrentz etc. on colocated server then copy back to your home PC?

Speedtest 2019-10-14

Mattmannz

471 posts

Ultimate Geek

#958245 28-Dec-2013 11:23

What tech do you have available on your co lo server? If you can run some sort of firewall function then a simple translation rule to change the destination address from the co lo server public IP to your laptop IP that is reachable by the server over the VPN should work fine.

You would be routing the connection over the internet to the co lo server then NATTing the destination address and routing it over the VPN tunnel that is connected to your PC.

This would allow RDP connections from the outside world to reach your PC at home - any other sort of port should also work fine so if you wanted to connect to some other service running at home that would also be possible. Only issue would be that the return traffic from your PC needs to go over the VPN tunnel and back out to the internet so the NATTing works correctly. No split tunnelling can be allowed otherwise traffic from the PC could attempt to go directly back to the initiator.

Matt.