OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: saaiborg on January 06, 2023, 10:29:40 pm

Title: Port forwarding to VPN enabled linux device
Post by: saaiborg on January 06, 2023, 10:29:40 pm

Hello,

I have a (Linux) device on my network who gets internal ip 10.0.0.2 from the DHCP server of OPNsense.
That linux device is permanently connected to Surfshark using the Surfshark linux client. The device also gets (internal) IP 10.14.0.2 from the Surfshark client.

I want port 140 to be accessible on that linux device from the Internet
Setting a port forwarding rule to 10.0.0.2 doesn't make it accessible over the Internet, only from other devices on the 10.0.0.x LAN network.
Setting a port forwarding rule to 10.14.0.2 doesn't work at all...

How do I set this up please?
Thanks!

Title: Re: Port forwarding to VPN enabled linux device
Post by: MrB on January 07, 2023, 10:56:48 am

Quote from: saaiborg on January 06, 2023, 10:29:40 pm

I want port 140 to be accessible on that linux device from the Internet

Which external ip-address are you trying to access, your normal WAN ip or the Surfshark one? The latter wont work since the port forward needs to be done at Shurfshark, which they don't support ( https://surfshark.com/blog/vpn-port-forwarding#vpn-clients-and-vpn-port-forwarding (https://surfshark.com/blog/vpn-port-forwarding#vpn-clients-and-vpn-port-forwarding) ).

If you get a public ip-address from your ISP, then it should be as simple as creating a port forward rule on your WAN interface for port 140 pointing to the clients internal ip. But if your ISP does Carrier-grade NAT (CGN or CGNAT), then this will not work.

Title: Re: Port forwarding to VPN enabled linux device
Post by: saaiborg on January 07, 2023, 03:42:37 pm

DELETED