Aku duwe server NAS sing kudu dakterusake port supaya bisa diakses saka internet. Nanging ISP saya ngalangi port, mula aku bisa tuku VPS Ubuntu sing murah kanggo mbukak server OpenVPN ing kana lan banjur ngarahake kabeh lalu lintas NAS lan port sing dibutuhake menyang kana.

Persiyapanku kaya ing ngisor iki:
 | Raspi | (192.168.0.101/24)| |(192.168.1.1/24) (192.168.0.1/24) APwlan0 eth0NAS (192.168.1.102/24) | \ / | |iptables lan mesin routing{tun0} | | 10.8.0.6 |
Sisih VPS dikonfigurasi kanthi bener, amarga aku bisa SSH menyang Raspberry Pi nggunakake IP VPS. Mangkene apa sing wis daklakoni ing kana supaya bisa ditindakake:
iptables -t nat -A PREROUTING -d A.B.C.D -p tcp --dport 22 -j DNAT --to-dest 10.8.0.6:22 iptables -t nat -A POSTROUTING -d 10.8.0.6 -p tcp --dport 22 - j SNAT --kanggo-sumber 10.8.0.1
Konfigurasi server OpenVPNku:
port X proto udp dev tun ca.crt cert server.crt key server.key dh dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-terus ipp.txt client-config-dir ccd push "redirect-gateway def1 bypass -dhcp"push "dhcp-option DNS 208.67.222.222"push "dhcp-option DNS 208.67.220.220"keepalive 10 120 comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log kriya 3
Aku uga wis nindakake:
sysctl -w net.ipv4.ip_forward=1
lan sijine
DEFAULT_FORWARD_POLICY="ACCEPT"ing
/etc/default/ufw lan uga ditambahake
# START OPENVPN ATURAN # Aturan tabel NAT *nat :POSTROUTING ACCEPT [0:0] # Allow traffic from OpenVPN client to eth0 -A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE# END OPENVPN ATURAN
kanggo
/etc/ufw/before.rules
Konfigurasi klien OpenVPN:
klien dev tun proto udp remot A.B.C.D X resolv-nyoba maneh pangguna nobind tanpa wates ora ana klompok nogroup persist-key persist-tun ns-cert-type server comp-lzo verb 3 XXX   YYY   ZZZ 
Kepiye cara ngarahake lalu lintas eth0 menyang tun0 lan nerusake port Y lan Z liwat trowongan?
Aku mung ngerti yen kanggo port liyane aku kudu ngonfigurasi ulang VPSku kaya sing ditindakake ing port 22.