Replies: 1 comment
-
Hi, My solution is: iptables -t nat -I POSTROUTING 1 -s externalip -o tun0 -j MASQUERADE HTTP Portiptables -t nat -A PREROUTING -d externalip -p tcp --dport 80 -j DNAT --to-dest 10.8.0.2:80 HTTPS Portiptables -t nat -A PREROUTING -d externalip -p tcp --dport 443 -j DNAT --to-dest 10.8.0.2:443 Works! |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi,
I have a openvpn between my pfsense firewall and a VPS made with this excelent script.
I want to know, if possible, the rules I must add to add-openvpn-rules.sh file to have a transparent firewall between the external IP of VPN and my router. I need to log the client ip in my nginx server log file.
My Webserver (nginx) is in a DMZ before the Pfsense router.
My present http rule is:
HTTP Port
iptables -t nat -A PREROUTING -d externalip -p tcp --dport 80 -j DNAT --to-dest 10.8.0.2:80
iptables -t nat -A POSTROUTING -d 10.8.0.2 -p tcp --dport 80 -j SNAT --to-source 10.8.0.1
With this rule I can serve the client, but in the log the client ip is allways 10.8.0.1.
Thanks in Advance.
Beta Was this translation helpful? Give feedback.
All reactions