Posted: Wed Dec 16, 2020 0:28 Post subject: [SOLVED] Port forward on router IP to local LAN host:port?
Due to a full tunnel VPN setup required for work, I lose access to local network web resources when I'm working from home. I have an HTTP proxy running on a host in my network that I'd like to use to connect to these local resources.
When the full VPN is up, I can still get to the web interface listening on the router IP address, but not other local web services hosted on other IP addresses.
I've tried a few iptables configurations but haven't been able to sort out how to accept connections to the router IP on 192.168.1.1:8888 and forward the packets to, and the responses from, other-ip-on-local-lan:8888.
Has anybody gotten something like this to work?
Any helpful pointers would be appreciated.
Add the following to the "Administration"/"Commands"/"Firewall" script and click the "Save Firewall" button:
# Turn on Squid proxy forward from LAN subnet to other-ip-on-local-lan:8888 (e.g. 220.127.116.11:8888)
iptables -t nat -A PREROUTING -s `nvram get lan_ipaddr`/`nvram get lan_netmask` -i br0 -p tcp --dport 8888 -j DNAT --to-destination other-ip-on-local-lan:8888
Last edited by foobarfoo on Tue Mar 22, 2022 20:42; edited 1 time in total
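The rule in the post above, as an added example that is not part of the original post: a POSIX sh helper that validates its inputs and prints the DNAT rule restricted with -d to the router's own address, so only connections addressed to the router on that port are redirected. It goes beyond the post by also printing a MASQUERADE rule so that replies from a target on the same subnet return through the router; the function names and the address 192.168.1.50 are assumptions made for the example.

```shell
#!/bin/sh
# Added example: print scoped port-forward rules for the router's firewall script.

# valid_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_port PORT: succeed only for an integer in 1-65535.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# emit_forward_rules ROUTER_IP NETMASK TARGET_IP PORT
# Prints the iptables commands; nothing is applied by this function.
emit_forward_rules() {
    router_ip=$1; netmask=$2; target_ip=$3; port=$4
    valid_ipv4 "$router_ip" && valid_ipv4 "$netmask" && valid_ipv4 "$target_ip" \
        && valid_port "$port" || { echo "invalid argument" >&2; return 1; }
    # -d limits the redirect to connections addressed to the router itself,
    # so LAN traffic to port $port on any other host is left untouched.
    echo "iptables -t nat -A PREROUTING -i br0 -s $router_ip/$netmask -d $router_ip -p tcp --dport $port -j DNAT --to-destination $target_ip:$port"
    # Client and target share the subnet: masquerade so replies come back via
    # the router (assumption: the firmware adds no NAT-loopback rule already).
    echo "iptables -t nat -A POSTROUTING -o br0 -s $router_ip/$netmask -d $target_ip -p tcp --dport $port -j MASQUERADE"
}

# Constructed sample values; on the router the first two would come from
# `nvram get lan_ipaddr` and `nvram get lan_netmask`, as in the post.
emit_forward_rules 192.168.1.1 255.255.255.0 192.168.1.50 8888
```

Review the printed lines before pasting them into the firewall script; malformed addresses or ports make the function return non-zero and print nothing to stdout.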
If your router is doing NAT, that should not matter; if you are in a public area, yes, that is a problem. You could report it to your company's IT department because they should know and should want to fix it.
But you have to have the original still active/available, because that is how the traffic is actually getting to the computer; the VPN is inside of the normal traffic.