iptables - Accessing my own public IP (WAN) via PPPOE internally

06
2014-04
  • GM Marhazk Spica

    I have my own machine with private IP (LAN IP) 192.168.0.1 and public IP (WAN IP) 123.45.67.89 through a PPPOE connection. I wanted to access my own Apache server through my own public IP internally (223.145.167.189:80), but it fails.

    The problem is solved if I use a Bridge-Mode connection or a Virtual Server on the DSL router, but what if the DSL router does not have Virtual Server and I still want to use PPPOE? Any solution?

    Specs:

    192.168.0.1 and 223.145.167.189 are hosted on the same Apache server.
    I use an Aztech 605E, a model in which the Virtual Server function is not implemented.
    

    This is the test result I have:

    BRIDGE MODE

    192.168.0.1:80 ACCESSIBLE
    223.145.167.189:80 ACCESSIBLE
    

    PPPOE MODE + Virtual Server

    192.168.0.1:80 ACCESSIBLE
    223.145.167.189:80 ACCESSIBLE
    

    PPPOE MODE + Without Virtual Server

    192.168.0.1:80 ACCESSIBLE
    223.145.167.189:80 UNACCESSIBLE
    

    So, how can I make 223.145.167.189 accessible with "PPPOE MODE + Without Virtual Server"? Any ideas? I appreciate your kindness and help.

    P.S.: In other words, I want this to work not only with port 80, but also with any other TCP ports that are not related to the web server.

    Edit: I forgot to mention that I have 192.168.0.3, which supports iptables under CentOS 5.9. The DSL also has a DMZ function, with the DMZ set to 192.168.0.3. Port forwarding also fully works with 192.168.0.1 and 192.168.0.3.

    I have also tried the rules below in iptables on my 192.168.0.3 machine, but I still couldn't reach the server internally, only from external connections.

    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -t nat -A PREROUTING -i eth+ -p tcp --dport 80 -j DNAT --to-destination 192.168.0.1:80
    iptables -I FORWARD -p tcp -d 192.168.0.1 --dport 80 -j ACCEPT
    
  • Answers

    Related Question

    Ubuntu 11.04 server iptables port forwarding
  • Stef

    I'm pretty new to iptables. My server has two Ethernet cards (eth0, eth1) and an ADSL router in bridge mode connected to eth0, which creates ppp0 when dialed.

    I'm trying to forward external port 80 to my local machine (192.168.2.2) connected in eth1.

    My Internet sharing is done by:

    iptables -t nat -A POSTROUTING -s 192.168.2.0/255.255.255.0 -o ppp0 -j MASQUERADE
    

    (if there is a better way feel free to show me)

    I am trying to use:

    iptables -A FORWARD -i eth1 -p tcp --dport 80 -j ACCEPT
    iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 80 -j DNAT --to-destination 192.168.2.2:80
    

    but I don't know to which Ethernet interface I should be pointing it. Any ideas?


  • Related Answers
  • grawity

    If you are accessing the Internet through ppp0, that's what you should use for -i in both commands. (Check the default route in ip -4 route to be sure.)
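
Added example (not part of grawity's answer or the original posts): the check described above, reading the default route from `ip -4 route` output to pick the interface for `-i`, then printing the two rules from Stef's question with that interface. The sample route table is constructed, the function names are hypothetical, and the `-d` match on the FORWARD rule is an added tightening that limits forwarding to the one internal host.

```shell
#!/bin/sh
# Constructed sample of `ip -4 route` output for a host like the one in the
# question: ppp0 is the dialed PPPoE link, eth1 is the LAN side.
SAMPLE_ROUTES='default dev ppp0 scope link
10.64.64.64 dev ppp0 proto kernel scope link src 203.0.113.10
192.168.2.0/24 dev eth1 proto kernel scope link src 192.168.2.1'

# Hypothetical helper: print the interface that carries the default route.
# Reads route-table text on stdin; handles "default dev X" and "default via G dev X".
wan_iface() {
    awk '$1 == "default" {
             for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
         }'
}

# Hypothetical helper: print (do not execute) the DNAT and FORWARD rules.
# $1 = WAN interface, $2 = internal host:port, $3 = external TCP port
forward_rules() {
    wan=$1; dest=$2; port=$3
    host=${dest%:*}; dport=${dest##*:}
    # Refuse an empty name or one that would be parsed as an option.
    case $wan in ''|-*) echo "no usable WAN interface" >&2; return 1 ;; esac
    echo "iptables -t nat -A PREROUTING -i $wan -p tcp --dport $port -j DNAT --to-destination $dest"
    # FORWARD sees the packet after DNAT, so match the translated address and port.
    echo "iptables -A FORWARD -i $wan -p tcp -d $host --dport $dport -j ACCEPT"
}

# On a live system, replace the printf with: ip -4 route
iface=$(printf '%s\n' "$SAMPLE_ROUTES" | wan_iface)
forward_rules "$iface" 192.168.2.2:80 80
```

The script only prints the rules so they can be reviewed before being applied as root.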

  • kobaltz

    Check out http://www.hackorama.com/network/portfwd.shtml. It has a very good and detailed explanation of what you're trying to do.