Skip to end of metadata
Go to start of metadata

Originally written some time in 2015

There are many situations where you may not be able to open ports from whatever internet connection your on. Whether your trying to access a remote IP Cam over a 3G connection that has a Carrier Grade NAT, or you just want to run your own server, but your ISP blocks ports, this tutorial is for you.

First, you'll need a "VPS". I recommend picking one up off http://lowendtalk.com/. Next, get an openvpn server up and running (I choose to use the openvpn-install script made by "Nyr" on github. Its a great script that gets you a working openvpn server in minutes.) link to install script: https://github.com/Nyr/openvpn-install

To port forward to clients on the OpenVPN server, the process is fairly simple and can all be accomplished with IPTables commands. For example, I want to open port 80 on a webserver running behind a mobile 3G connection. To open Port 80, this is what I would type:

iptables -t nat -A PREROUTING -d 107.150.31.1 -p tcp --dport 80 -j DNAT --to-dest 10.8.0.2:80 

Confused? No problem. The rule goes like this, where you see 107.150.31.1 , put the WAN IP of your VPN server. After --dport 80 change that to the port you want to forward to the VPN client. Last, after --to-dest paste the OpenVPN CLIENT IP.

So to wrap things up, the above rule would open port 80, forward it to the openvpn client running at 10.8.0.2, and be accessible from the VPN's WAN IP of 107.150.31.1. So typing http://107.150.31.1 would actually be loading the page from the OpenVPN client running at 10.8.0.2.

  • No labels