Accessing an internal service with an external address or restricting VPN access?

Strahan

Hi. I've read that there are issues when one tries to use your public IP to access services that are hosted within your network. Me and my sister have started playing World of Warcraft, on a private server I setup here at home. It's on 10.0.0.103. When you setup the server, WoW's realmlist needs to know whatever IP you will be accessing it via. I setup 10.0.0.103 and port forwarded the relevant ports, and while it worked fine for me we couldn't get it working externally. Turns out unlike Minecraft where the IP you specify has to be available on a local adapter, WoW wanted the public IP. Once I set it to 50.x.x.52 she was able to connect fine. Problem is, now I cannot connect.

So I changed WoW back to 10.0.0.103 and set her up with OpenVPN. Now we both can play. However, now I have a friend from work who heard about it and wants to join. So I'm back to square one, as I don't want to give him full access to my LAN. So I need to either figure out how I can access a service on my 50.x.x.52 address from within my LAN, or alternatively find a way to configure the VPN so a particular client can only access one IP within my LAN. Even better if it's also only certain ports.

Can anyone advise on which would be the way to go? Thanks!

Bob.Dig

@strahan Enable NAT reflection Pure NAT in your NAT Rule on WAN.

Strahan

@bob-dig Thanks!