Posted: Mon Jan 27, 2025 4:59 Post subject: Forward with VPN to VLAN
I use a ACM3200 Linksys with DD-WRT such as Gateway to set up NordVPN with my Static IP (provided by NordVPN). Since, I successfully manually setup the VPN
Then, behind the ACM3200 Linksys Gateway, I use my LRT-214 which handle my VLAN network for my MAIL Server like :
<Xplore>----<ACM3200 VPN: NordVPN IP STATIC (xxx.xxx.xxx.xxx) WAN IP: 100.68.5.154 >-------<LRT-214 WAN IP: 192.168.1.200 (VLAN)>---------[MAIL IP 192.168.214.200]
Now, when pinging Mail server using my NordVPN Static IP with DOS Shell CMD , it looks like if the response is given by the ACM3200 Gateway instead Mail server behind my LRT-214 LinkSys .
In other words, how to setup the Gateway in order to send MAIL request through server behind the LRT-214
Using the Gateway with Forward option with following port #110,#587,#25, it doesn't work anymore because I don't know exactly how to set up
Then, need to know exactly what need to setup properly forward option for SOURCE NET in order to reach server behind LRT-214 on my network
I'm not sure about SOURCE NET, NordVPN IP STATIC (xxx.xxx.xxx.xxx) ?? ACM3200 Gateway WAN Address: 100.68.5.154 ??? ACM3200 Gateway LAN Address : 192.168.1.1 ??
Joined: 18 Mar 2014 Posts: 13532 Location: Netherlands
Posted: Sun Feb 02, 2025 13:09 Post subject:
To recap:
You have a router behind CGNAT so no public IP address.
In order to connect to your router from outside you have a NordVPN connection with a public IP address which you want to use to connect to your router.
The routers LAN has 192.168.1.1/24
In this LAN is a server with Address 192.168.1.200?
This server host services on other subnets(VMs?) e.g. 192.168.214.0/24?
If all this is the case and you simply want to port forward to 192.168.1.200 then you cannot use the GUI as this only port forwards from the WAN and not from tun1.
So you have to do that manually.
A port forward consists of a DNAT rule and a FORWARD ACCEPT rule an example:
Joined: 13 Aug 2013 Posts: 7008 Location: Romerike, Norway
Posted: Tue Feb 04, 2025 14:20 Post subject:
Your rules are in the wrong order. When inserting with -I, the last one will be the first. In the file they must appear with what shall be the first rule last.
In your case, you check destination that will be set on the next rule. It will never match.