Portforword through a VPN client

Udbytossen

Svar: Portforword through a VPN client
Hi Again - sorry for the late answer, but had some other more important things to handle.
I having my VPN through Torguard - and have created the portforward in torguard to allow the port 19999 beeing forwarded to a local server in the subnet 172.16.40.1/24

I have an OpenVPN client connected on my PFsense+ - where I dedicated a subnet to use this OpenVPN client -- 172.16.40.1/24
All my clients are running fine outgoing traffic - which its mainly used for - all outgoing traffic works as intended..
But I would like to get access to an HTTP server - through the public IP provided by the OpenVPN Client, and then connect to the port 80 on the local server located in the Provided subnet

Lets say I'm getting the public IP 22.22.22.22 when connecting the OpenVPN Client on my PFsense.
Then my goal is forwarding the port 19999 to port 80 (test setup)
So the goal is the when accessing the address http://22.22.22.22:19999 - it'll forward the request to 172.16.40.5:80
BUT - I can not make this work - for some reasons - and thinking this can not be that big an issue - but it is.

I've tried to NAT the port directly:

So the rule looks like this

Edit the newly created Rule on torguard interface

Changed the Gateway under advanced setting for the Rules

So the RUle under the Torguard Interface looks like this

But as the picture shows - I'm just not getting any trafic through this nat - trying the address: http://22.22.22.22:19999 is just not reachable, and the rule does not show any traffic.

I've tried creating the rules without NAT, creating it in firewall rules only the same issue remains. I can not get trough on the port - and still not seeing any traffic goes through - neither way. This is the setup - only with a rule created for the interface torguard.
Firewall rule only.png

So what am I missing - or do I misunderstand it all - I've done it before several years ago but can not remember other than I did it in firewall rules. But I can not figure this out, and a simple task - that I have no issues with - as Normal NAT - but this behind and openVPN Client really make me confused.

Thanks in Advance.
U

viragomann

@Udbytossen said in Portforword through a VPN client:

Lets say I'm getting the public IP 22.22.22.22 when connecting the OpenVPN Client on my PFsense.

I'm in doubt, that your VPN client gets a public IP.
You might rather mean, if you access the internet through the VPN, the traffic is coming from a public IP. But there is pretty a difference.

Then my goal is forwarding the port 19999 to port 80 (test setup)

Assuming your VPN client gets a private IP, this requires, that the VPN provider forwards the traffic to it. Is this even given?
If so, your rule should show hits if you try to access it from outside.

@Udbytossen said in Portforword through a VPN client:

Edit the newly created Rule on torguard interface

This screenshot show that the rule is on the WAN interface, which would be wrong.

@Udbytossen said in Portforword through a VPN client:

Changed the Gateway under advanced setting for the Rules

This is nonsense. The Torguard gateway is the VPN server. So why want you redirect traffic coming from the VPN server back to it?

Udbytossen

@viragomann
Well - I'm not sure that I Then described it wrigth, so I'll try answer as good as I can.
I Have created a subnet on my router, as 172.16.40.0/27 - and installed an VPN client - and set it up so all in this subnet are routet through the VPN-klient - I have a dedicated IP 22.22.22.22, where I can forward port from the Dedicated IP in their admin Interface

@viragomann said in Portforword through a VPN client:

Assuming your VPN client gets a private IP, this requires, that the VPN provider forwards the traffic to it. Is this even given?

That are given - so to speak - I Can forward port int the provider Interface - where I created a rule for port TCP:19999 - and the provider says they are effective.
torguard settings1.png

Allthough I can see traffic are beeing drop by the firewall - but can not see the traffic comes through
BLocked traffic.png

The correct screenshot of the firewall rulesa. Under Advanced is the gateway also set to torguard - so the right screenshot of the created NAT andautomatically created firewall rule, is these 20
Torguard NAT settings.png
Torguard firewall RUles(created by nat).png

And under the firewall rule advanced setting I'm changing the gateway to Torguard instead of default
Advanced Settings firewall rules.png

Hopefully that'll explain it a meaning that its understandable.

Thanks in Advance
U

viragomann

Well, if this is correct as far, you should be close to get it working.

@Udbytossen said in Portforword through a VPN client:

And under the firewall rule advanced setting I'm changing the gateway to Torguard instead of default

But already mentioned, that this makes no sense at all. So edit the rule and set the gateway to default.

Then go to the OpenVPN rule tab and remove or disable each pass rule.
Done.