Port Fowarding

M

me14606

New Member
Nov 9, 2022
4
0
1
I am trying to port foward HTTP:80 to IP: 24.12.3.250
I can access my website from 24.12.4.250 since it on the internal network shown below, but when its time to access it from outside the private network I can't access it. (The unnamed router at the top is my home network with the subnet 192.168.0.0/24)
Say I try and access it from my computer: 192.168.0.254, it won't work (I type in 192.168.0.26 as the URL)
Ive seen some other threads with similar issues and resolutions, but I have various bridges, they only use one bridge.
Port fowarding is already set up on my firewall in the internal network

--ALSO--
Using nmap I see a http-squid:3128 port open I was curious as to what that is, maybe it has something to do with what Ive been doing

Sorry in advanced lol, I'm a newbie and made a frankenstein attempt to make it work from different fourms
Any other advice for my network would be appreciated!
**eno1 is the network device, vmbr0 is the bridge thats directly connected to it**
**The router with ip 192.168.0.27 & 24.12.4.249 is using NAT (see last pic) **

routerr.png

1.png
2.png
nat.png
 

Attachments

  • nat.png
    nat.png
    3.2 KB · Views: 9
Port forwarding without 'MASQUERADE' may cause problems (since the source-destination at seen endpoint appears asymmetric then). Best practice: to avoid this is when using part forwarding simply to configure
Code: 
iptables -t nat -A POSTROUTING -j MASQUERADE
for having MASQUERADE unconditionally in all cases.

Since I did so it in my personal VPN I do not have routing problems any more (before I had also a lot of these).
 
Richard said:
Port forwarding without 'MASQUERADE' may cause problems (since the source-destination at seen endpoint appears asymmetric then). Best practice: to avoid this is when using part forwarding simply to configure
Code: 
iptables -t nat -A POSTROUTING -j MASQUERADE
for having MASQUERADE unconditionally in all cases.

Since I did so it in my personal VPN I do not have routing problems any more (before I had also a lot of these).
Click to expand...
I dont know anything about iptables, could you please elaborate. I do have marsquerading on, just not in eno1
 
Run simply the command mentioned before:

iptables -t nat -A POSTROUTING -j MASQUERADE
 
Thank you so much, that worked!
I do notice that the load times are very slow, compared to accessing the website from inside the hypervisor.
I am hosing a single website using wordpress. Below are my specs.
The VM uses a Gen 4 M.2 SSD, with unlimited bandwidhth.
CPU running my Proxmox Hypervisor is:
8 x Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz (1 Socket)
webserver_setup.png
 
Richard said:
Run simply the command mentioned before:

iptables -t nat -A POSTROUTING -j MASQUERADE
Click to expand...
After a reboot this occuredScreenshot 2022-12-05 134337.png
NAT isnt working properly, its redirecting to the internal address.
I typed 192.168.0.26 and it did this
 
You must log in or register to reply here.
Top Bottom