Imagine that you have an server Linux at your home eth0(192.168.0.10), like a raspberry pi, and this machine has a another ethernet card as vpn like wg0(172.14.11.10).
When you online at vpn the other host can research you Linux server(172.14.11..), but can't access any device on network 192.168.0.. and you would like to share a security camera for example.
What you can do is make a iptables rules on your server to forward the requisition on a por 6666 to internal ip 192.168.0.11:554 (camera ip)
forward 6666 requests packets to camera
iptables -t nat -A PREROUTING -p tcp -i wg0 --dport 6666 -j DNAT --to-destination 192.168.0.11:554
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 666 -j DNAT --to-destination 192.168.0.11:554
iptables -A FORWARD -p udp -d 192.168.0.11 --dport 554 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -p tcp -d 192.168.0.11 --dport 554 -j SNAT --to-source 192.168.0.10
From vpn computer will be able to access 172.14.11.10:6666 where in really is accessing the 192.168.0.11:554.
Top comments (0)