I have successfully set up an OpenVPN server on a VPS (IP: 188.8.131.52). I then connected my MikroTik to that server as a client (WAN: 184.108.40.206, LAN: 10.10.10.0/24, client VPN IP: 10.8.0.101). I have also set up port forwarding on the VPS, so when you connect to 220.127.116.11:2502 you are actually connecting to my server in the LAN (IP: 10.10.10.5) on port 2502. OpenVPN knows the routes, so there are the following rules in iptables:
This one I found on the following site https://ubuntuforums.org/showthread.php?t=2319289
*nat
-A PREROUTING -d 18.104.22.168/32 -p tcp -m tcp --dport 2502 -j DNAT --to-destination 10.10.10.5:2502
-A POSTROUTING -d 10.10.10.5/32 -p tcp -m tcp --dport 2502 -j SNAT --to-source 10.8.0.1
There is also a masquerade rule set up to allow using OpenVPN to connect to specific IPs on the Internet:
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
On MikroTik I have:
/ip firewall nat
add action=masquerade chain=srcnat comment="Maskarada WAN" out-interface-list=WAN to-addresses=0.0.0.0/0
/interface list
add name=WAN
/interface list member
add interface=BrokNET list=WAN
add interface=OVPN list=WAN
What is the problem?
The problem is that on my local server 10.10.10.5, all clients connected to that server show the IP of the OpenVPN server (10.8.0.1) as their source IP instead of their real ones. I have already tried to change the masquerade rule in iptables to:
iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -o eth0 -j SNAT --to-source 22.214.171.124
but it didn't help. I also tried to do the same with the masquerade rule on MikroTik and changed it to:
/ip firewall nat add action=src-nat chain=srcnat comment="Maskarada WAN" src-address=10.10.10.0/24 to-addresses=10.8.0.101
but this didn't help either.
I would appreciate any help.
Thanks in advance.
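An added example, not part of the original post: a small audit of the VPS ruleset quoted above that reports which POSTROUTING rule replaces the client address on port-forwarded connections. The rule parser is a simplified assumption (plain "option value" pairs only, no negation, no interface matching), and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed sample: the *nat rules quoted in the post, in iptables-save form.
RULES = """\
*nat
-A PREROUTING -d 18.104.22.168/32 -p tcp -m tcp --dport 2502 -j DNAT --to-destination 10.10.10.5:2502
-A POSTROUTING -d 10.10.10.5/32 -p tcp -m tcp --dport 2502 -j SNAT --to-source 10.8.0.1
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
"""

def parse_rule(line):
    """Turn one '-A CHAIN ...' line into a dict of its options (simplified)."""
    tok = shlex.split(line)
    rule = {"chain": tok[1], "raw": line}
    i = 2
    while i < len(tok):
        if tok[i].startswith("-") and i + 1 < len(tok) and not tok[i + 1].startswith("-"):
            rule[tok[i].lstrip("-")] = tok[i + 1]
            i += 2
        else:
            i += 1
    return rule

def source_rewriting_rules(ruleset):
    """Return (target, address the server sees, rule) for every POSTROUTING
    rule that rewrites the source of traffic forwarded by a DNAT rule."""
    rules = [parse_rule(l) for l in ruleset.splitlines() if l.startswith("-A ")]
    findings = []
    for dnat in (r for r in rules if r["chain"] == "PREROUTING" and r.get("j") == "DNAT"):
        host, _, port = dnat["to-destination"].partition(":")
        port = port or dnat.get("dport")
        for r in rules:
            if r["chain"] != "POSTROUTING" or r.get("j") not in ("SNAT", "MASQUERADE"):
                continue
            if "s" in r:  # limited to listed sources, not arbitrary Internet clients
                continue
            if "d" in r and ipaddress.ip_address(host) not in ipaddress.ip_network(r["d"], strict=False):
                continue
            if "dport" in r and r["dport"] != port:
                continue
            seen_as = r.get("to-source", "address of the outgoing interface")
            findings.append((f"{host}:{port}", seen_as, r["raw"]))
    return findings

if __name__ == "__main__":
    for target, seen_as, raw in source_rewriting_rules(RULES):
        print(f"clients of {target} appear as {seen_as} because of: {raw}")
```

Only the SNAT rule for 10.10.10.5:2502 is reported; the MASQUERADE rules are limited to other sources. Dropping that SNAT rule preserves the client address only if replies from 10.10.10.5 are routed back through the tunnel, since the VPS must see the return traffic to reverse the DNAT.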