Skip to end of metadata
Go to start of metadata

Originally written some time in 2015

There are many situations where you may not be able to open ports from whatever internet connection your on. Whether your trying to access a remote IP Cam over a 3G connection that has a Carrier Grade NAT, or you just want to run your own server, but your ISP blocks ports, this tutorial is for you.

First, you'll need a "VPS". I recommend picking one up off Next, get an openvpn server up and running (I choose to use the openvpn-install script made by "Nyr" on github. Its a great script that gets you a working openvpn server in minutes.) link to install script:

To port forward to clients on the OpenVPN server, the process is fairly simple and can all be accomplished with IPTables commands. For example, I want to open port 80 on a webserver running behind a mobile 3G connection. To open Port 80, this is what I would type:

iptables -t nat -A PREROUTING -d -p tcp --dport 80 -j DNAT --to-dest 

Confused? No problem. The rule goes like this, where you see , put the WAN IP of your VPN server. After --dport 80 change that to the port you want to forward to the VPN client. Last, after --to-dest paste the OpenVPN CLIENT IP.

So to wrap things up, the above rule would open port 80, forward it to the openvpn client running at, and be accessible from the VPN's WAN IP of So typing would actually be loading the page from the OpenVPN client running at

  • No labels