OK, let's get back to the beginning.
I have set up an OpenVPN server (tun) with the following addresses: public IP - x.x.x.28, internal server IP - 10.1.0.1, and connected a client to it, which is my home router (internal IP - 10.1.0.10). Now, I have configured port forwarding on the OpenVPN server, so everything that comes to x.x.x.28 on TCP port 1234 is forwarded to 192.168.1.101:1234, which is a server in my local subnet 192.168.1.0/24.
Everything works, but the only problem I have is that I can't see real IPs on my server 192.168.1.101. Everything looks like it is connected from my VPN server 10.1.0.1. Here is my iptables config:
-A PREROUTING -d x.x.x.28/32 -p tcp -m tcp --dport 1234 -j DNAT --to-destination 192.168.1.101:1234
-A POSTROUTING -d 192.168.1.101/32 -p tcp -m tcp --dport 1234 -j SNAT --to-source 10.1.0.1
-A POSTROUTING -o eth0 -j SNAT --to-source x.x.x.28
I know it is because of the SNAT in the second line, but how can I make it work another way?
Once again, sorry for the off-topic, but I know there are people who are much more experienced with iptables than me (actually I am a total greenhorn).
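
An added example, not part of the original post: a small Python model of the three nat rules quoted above, showing which source address 192.168.1.101 sees with and without the second rule. 203.0.113.28 stands in for x.x.x.28, and the client address 198.51.100.7 and the outgoing interface name tun0 are assumptions.

```python
import shlex

# The three nat rules from the post; 203.0.113.28 is a constructed stand-in for x.x.x.28.
RULES = """\
-A PREROUTING -d 203.0.113.28/32 -p tcp -m tcp --dport 1234 -j DNAT --to-destination 192.168.1.101:1234
-A POSTROUTING -d 192.168.1.101/32 -p tcp -m tcp --dport 1234 -j SNAT --to-source 10.1.0.1
-A POSTROUTING -o eth0 -j SNAT --to-source 203.0.113.28
"""

def parse(text):
    """Turn iptables-save style lines into dicts keyed by option name (A, d, dport, o, j, ...)."""
    rules = []
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        rules.append({tok[i].lstrip("-"): tok[i + 1] for i in range(0, len(tok), 2)})
    return rules

def matches(rule, pkt, out_if):
    """Simplified matcher: only /32 destinations, destination port and output interface."""
    if "d" in rule and rule["d"].split("/")[0] != pkt["dst"]:
        return False
    if "dport" in rule and int(rule["dport"]) != pkt["dport"]:
        return False
    if "o" in rule and rule["o"] != out_if:
        return False
    return True

def traverse(rules, pkt, out_if):
    """Apply the first matching rule in each chain, as the nat table does for a new connection."""
    pkt = dict(pkt)
    for chain in ("PREROUTING", "POSTROUTING"):
        for r in rules:
            if r["A"] != chain or not matches(r, pkt, out_if):
                continue
            if r["j"] == "DNAT":
                pkt["dst"], port = r["to-destination"].split(":")
                pkt["dport"] = int(port)
            elif r["j"] == "SNAT":
                pkt["src"] = r["to-source"]
            break  # DNAT/SNAT are terminating targets
    return pkt

def source_seen(rules, client="198.51.100.7"):
    """Source address the backend sees for a client hitting the public IP (tun0 is assumed)."""
    pkt = {"src": client, "dst": "203.0.113.28", "dport": 1234}
    return traverse(rules, pkt, out_if="tun0")["src"]

if __name__ == "__main__":
    rules = parse(RULES)
    print("with SNAT rule:   ", source_seen(rules))
    print("without SNAT rule:", source_seen(rules[:1] + rules[2:]))
```

The model covers only the forward path. With the second rule removed the original source survives, but replies from 192.168.1.101 then have to be routed back through the tunnel for the connection to complete.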