Port forwarding openvpn server to client [on hold]
up vote
0
down vote
favorite
I have a OpenVPN server that was deployed on Linode server. My computer's running the software that open port 8089 for client side connect. My computer do not have public ip, so the computer connect vpn to openvpn server for client connect with public ip address of vpn server.
How can i setup port forwarding for my computer? I mean how can the client side connect to my software with port 8089 that running on my computer via public ip of openvpn server?
My linode server: Debian 9
Use ufw for config firewall. I follow setup guide in this tut https://www.cyberciti.biz/faq/how-to-install-and-configure-an-openvpn-server-on-debian-9-in-5-minutes/
openvpn
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as unclear what you're asking by G-Man, Stephen Harris, Thomas, peterh, JigglyNaga 17 hours ago
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
up vote
0
down vote
favorite
I have a OpenVPN server that was deployed on Linode server. My computer's running the software that open port 8089 for client side connect. My computer do not have public ip, so the computer connect vpn to openvpn server for client connect with public ip address of vpn server.
How can i setup port forwarding for my computer? I mean how can the client side connect to my software with port 8089 that running on my computer via public ip of openvpn server?
My linode server: Debian 9
Use ufw for config firewall. I follow setup guide in this tut https://www.cyberciti.biz/faq/how-to-install-and-configure-an-openvpn-server-on-debian-9-in-5-minutes/
openvpn
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as unclear what you're asking by G-Man, Stephen Harris, Thomas, peterh, JigglyNaga 17 hours ago
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have a OpenVPN server that was deployed on Linode server. My computer's running the software that open port 8089 for client side connect. My computer do not have public ip, so the computer connect vpn to openvpn server for client connect with public ip address of vpn server.
How can i setup port forwarding for my computer? I mean how can the client side connect to my software with port 8089 that running on my computer via public ip of openvpn server?
My linode server: Debian 9
Use ufw for config firewall. I follow setup guide in this tut https://www.cyberciti.biz/faq/how-to-install-and-configure-an-openvpn-server-on-debian-9-in-5-minutes/
openvpn
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I have a OpenVPN server that was deployed on Linode server. My computer's running the software that open port 8089 for client side connect. My computer do not have public ip, so the computer connect vpn to openvpn server for client connect with public ip address of vpn server.
How can i setup port forwarding for my computer? I mean how can the client side connect to my software with port 8089 that running on my computer via public ip of openvpn server?
My linode server: Debian 9
Use ufw for config firewall. I follow setup guide in this tut https://www.cyberciti.biz/faq/how-to-install-and-configure-an-openvpn-server-on-debian-9-in-5-minutes/
openvpn
openvpn
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Dec 2 at 11:12
asked Dec 2 at 2:58
Phan Sinh
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked Dec 2 at 2:58
Phan Sinh
1012
asked Dec 2 at 2:58
Phan Sinh
1012
1012
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Phan Sinh is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
put on hold as unclear what you're asking by G-Man, Stephen Harris, Thomas, peterh, JigglyNaga 17 hours ago
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
put on hold as unclear what you're asking by G-Man, Stephen Harris, Thomas, peterh, JigglyNaga 17 hours ago
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
Before getting this working, first ensure that your VPN client has a fixed VPN IP address. The OpenVPN Howto describes how to complete this. Ensure you pick an IP pair for the client/server from the table in that doc.
Now make sure that your Linode server can access your app on your client. I.e.
telnet <Fixed VPN IP of your client machine> 8089
To then connect the outside world, presuming your app is HTTP based, I would recommend a reverse proxy installed on the Linode machine.
Install a reverse proxy on the Linode server, which will stand between connections from the outside world, and then forward onto your application. There are many available such as Nginx, Apache, HAProxy, TinyProxy. If you have simple requirements, TinyProxy is probably a good place to start. Once installed, ensure the following lines are in the config:
ConnectPort 8089
ReversePath "/" "http://<fixed IP of your VPN client>:8089"
ReverseOnly yes
ReverseMagic yes
You will need to ensure that the firewall on your Linode server, accepts incoming connections from the outside world. To allow unrestricted access, using UFW:
sudo ufw allow 8089/tcp
Alternatively, if you only wish to allow specific clients to access your app:
sudo ufw delete allow 8089/tcp
and then for each client that should be able to access:
sudo ufw allow from <external client IP> to 8089/tcp
If you are also running a firewall on your VPN client machine, you will also need to ensure that there is a rule to allow the Linode server to connect to port 8089. You will need the VPN IP of your server. With fixed IP's, as per the Open VPN doc I referenced, you choose a pair of IP's for the VPN server and client to use:
sudo ufw allow from <Linode VPN Server IP> to 8089/tcp
You could also adjust the config so that your Linode server listens on an entirely different port (e.g. 80) by changing the 'Connect' parameter in the reverse proxy & updating the Linode server firewall rules to match, whilst your application remains on 8089.
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
Before getting this working, first ensure that your VPN client has a fixed VPN IP address. The OpenVPN Howto describes how to complete this. Ensure you pick an IP pair for the client/server from the table in that doc.
Now make sure that your Linode server can access your app on your client. I.e.
telnet <Fixed VPN IP of your client machine> 8089
To then connect the outside world, presuming your app is HTTP based, I would recommend a reverse proxy installed on the Linode machine.
Install a reverse proxy on the Linode server, which will stand between connections from the outside world, and then forward onto your application. There are many available such as Nginx, Apache, HAProxy, TinyProxy. If you have simple requirements, TinyProxy is probably a good place to start. Once installed, ensure the following lines are in the config:
ConnectPort 8089
ReversePath "/" "http://<fixed IP of your VPN client>:8089"
ReverseOnly yes
ReverseMagic yes
You will need to ensure that the firewall on your Linode server, accepts incoming connections from the outside world. To allow unrestricted access, using UFW:
sudo ufw allow 8089/tcp
Alternatively, if you only wish to allow specific clients to access your app:
sudo ufw delete allow 8089/tcp
and then for each client that should be able to access:
sudo ufw allow from <external client IP> to 8089/tcp
If you are also running a firewall on your VPN client machine, you will also need to ensure that there is a rule to allow the Linode server to connect to port 8089. You will need the VPN IP of your server. With fixed IP's, as per the Open VPN doc I referenced, you choose a pair of IP's for the VPN server and client to use:
sudo ufw allow from <Linode VPN Server IP> to 8089/tcp
You could also adjust the config so that your Linode server listens on an entirely different port (e.g. 80) by changing the 'Connect' parameter in the reverse proxy & updating the Linode server firewall rules to match, whilst your application remains on 8089.
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
add a comment |
up vote
1
down vote
Before getting this working, first ensure that your VPN client has a fixed VPN IP address. The OpenVPN Howto describes how to complete this. Ensure you pick an IP pair for the client/server from the table in that doc.
Now make sure that your Linode server can access your app on your client. I.e.
telnet <Fixed VPN IP of your client machine> 8089
To then connect the outside world, presuming your app is HTTP based, I would recommend a reverse proxy installed on the Linode machine.
Install a reverse proxy on the Linode server, which will stand between connections from the outside world, and then forward onto your application. There are many available such as Nginx, Apache, HAProxy, TinyProxy. If you have simple requirements, TinyProxy is probably a good place to start. Once installed, ensure the following lines are in the config:
ConnectPort 8089
ReversePath "/" "http://<fixed IP of your VPN client>:8089"
ReverseOnly yes
ReverseMagic yes
You will need to ensure that the firewall on your Linode server, accepts incoming connections from the outside world. To allow unrestricted access, using UFW:
sudo ufw allow 8089/tcp
Alternatively, if you only wish to allow specific clients to access your app:
sudo ufw delete allow 8089/tcp
and then for each client that should be able to access:
sudo ufw allow from <external client IP> to 8089/tcp
If you are also running a firewall on your VPN client machine, you will also need to ensure that there is a rule to allow the Linode server to connect to port 8089. You will need the VPN IP of your server. With fixed IP's, as per the Open VPN doc I referenced, you choose a pair of IP's for the VPN server and client to use:
sudo ufw allow from <Linode VPN Server IP> to 8089/tcp
You could also adjust the config so that your Linode server listens on an entirely different port (e.g. 80) by changing the 'Connect' parameter in the reverse proxy & updating the Linode server firewall rules to match, whilst your application remains on 8089.
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
add a comment |
up vote
1
down vote
up vote
1
down vote
Before getting this working, first ensure that your VPN client has a fixed VPN IP address. The OpenVPN Howto describes how to complete this. Ensure you pick an IP pair for the client/server from the table in that doc.
Now make sure that your Linode server can access your app on your client. I.e.
telnet <Fixed VPN IP of your client machine> 8089
To then connect the outside world, presuming your app is HTTP based, I would recommend a reverse proxy installed on the Linode machine.
Install a reverse proxy on the Linode server, which will stand between connections from the outside world, and then forward onto your application. There are many available such as Nginx, Apache, HAProxy, TinyProxy. If you have simple requirements, TinyProxy is probably a good place to start. Once installed, ensure the following lines are in the config:
ConnectPort 8089
ReversePath "/" "http://<fixed IP of your VPN client>:8089"
ReverseOnly yes
ReverseMagic yes
You will need to ensure that the firewall on your Linode server, accepts incoming connections from the outside world. To allow unrestricted access, using UFW:
sudo ufw allow 8089/tcp
Alternatively, if you only wish to allow specific clients to access your app:
sudo ufw delete allow 8089/tcp
and then for each client that should be able to access:
sudo ufw allow from <external client IP> to 8089/tcp
If you are also running a firewall on your VPN client machine, you will also need to ensure that there is a rule to allow the Linode server to connect to port 8089. You will need the VPN IP of your server. With fixed IP's, as per the Open VPN doc I referenced, you choose a pair of IP's for the VPN server and client to use:
sudo ufw allow from <Linode VPN Server IP> to 8089/tcp
You could also adjust the config so that your Linode server listens on an entirely different port (e.g. 80) by changing the 'Connect' parameter in the reverse proxy & updating the Linode server firewall rules to match, whilst your application remains on 8089.
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Before getting this working, first ensure that your VPN client has a fixed VPN IP address. The OpenVPN Howto describes how to complete this. Ensure you pick an IP pair for the client/server from the table in that doc.
Now make sure that your Linode server can access your app on your client. I.e.
telnet <Fixed VPN IP of your client machine> 8089
To then connect the outside world, presuming your app is HTTP based, I would recommend a reverse proxy installed on the Linode machine.
Install a reverse proxy on the Linode server, which will stand between connections from the outside world, and then forward onto your application. There are many available such as Nginx, Apache, HAProxy, TinyProxy. If you have simple requirements, TinyProxy is probably a good place to start. Once installed, ensure the following lines are in the config:
ConnectPort 8089
ReversePath "/" "http://<fixed IP of your VPN client>:8089"
ReverseOnly yes
ReverseMagic yes
You will need to ensure that the firewall on your Linode server, accepts incoming connections from the outside world. To allow unrestricted access, using UFW:
sudo ufw allow 8089/tcp
Alternatively, if you only wish to allow specific clients to access your app:
sudo ufw delete allow 8089/tcp
and then for each client that should be able to access:
sudo ufw allow from <external client IP> to 8089/tcp
If you are also running a firewall on your VPN client machine, you will also need to ensure that there is a rule to allow the Linode server to connect to port 8089. You will need the VPN IP of your server. With fixed IP's, as per the Open VPN doc I referenced, you choose a pair of IP's for the VPN server and client to use:
sudo ufw allow from <Linode VPN Server IP> to 8089/tcp
You could also adjust the config so that your Linode server listens on an entirely different port (e.g. 80) by changing the 'Connect' parameter in the reverse proxy & updating the Linode server firewall rules to match, whilst your application remains on 8089.
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited Dec 2 at 12:06
answered Dec 2 at 9:43
clockworknet
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered Dec 2 at 9:43
clockworknet
112
answered Dec 2 at 9:43
clockworknet
112
112
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
clockworknet is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
add a comment |
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
Thanks your comment @clockworknet. I have updated my question. My server use ufw to setup firewall. In your comment, I need to config each client(ip address) that want to connect to my software. That right?
– Phan Sinh
Dec 2 at 11:14
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
I have edited my answer to hopefully answer your clarification. Also, having thought about this again, I would suggest going with the reverse proxy method. It is arguably more secure, and easier to setup, assuming your app is HTTP based. I have edited my answer to remove the suggestion to use FW port forwarding.
– clockworknet
Dec 2 at 12:08
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
Thank so much @clockworknet. I will be research about proxy.
– Phan Sinh
2 days ago
add a comment |
