0 votes
157 views 2 comments
by
Hello, I am trying to make a WAN-IP accessible via another WAN-IP. So I want to forward all traffic that is sent to my RUTX09 (A) via WAN (internet) to another server (B) in WAN (internet). I figure I need DNAT and SNAT, but after a lot of trial and error, I cannot get it working. Any guidance would be very much appreciated! I have currently made a SNAT rule with

Match:
any traffic
From Any Host in wan with source ports 2000-2005
To IP (B) ports 2000-2005 in wan

Action Rewrite to source IP (B)

(A) and (B) stand for the IP addresses of the respective servers, which I do not want to make public.

1 Answer

0 votes
by
Hi,

This could be easily done if you have public IP addresses on both sides (A and B). You can port forward traffic to B if they connect to the public IP address of A. In B you can make a firewall rule that only allows traffic that comes from A.

An even better solution would be having a VPN connection between these to keep those as private as possible.

EB.
by
Hi, thanks for your reply! I did try that, but port forward only accepts LAN as destination, whereas my B is in WAN as it is indeed a static public IP. I suppose I need to figure out what settings to make in NAT, following the OpenWRT Guide, but I can’t quite get it to work. So any specifics on what needs to be set in the SNAT rule would be very helpful! Have a nice day!
by

Hi,

Please try these in your config:

Replace 172.20.41.18 with the WAN IP that you're willing to reach and change 172.20.41.15 to what should be your WAN IP. Using these rules, the ..41.18 IP should be reached from your shared public IP address, if you're already in a NAT'ed network.
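
The DNAT plus SNAT pairing discussed in this thread, as an added example that is not from any of the posters: it assumes stock OpenWrt fw3 syntax in /etc/config/firewall (RutOS may differ), a zone named wan, TCP and UDP traffic, and the placeholder documentation addresses 198.51.100.10 for (A) and 203.0.113.20 for (B).

```uci
# Added example, not the config posted in the thread.
# Assumptions: 198.51.100.10 = router (A) WAN IP (placeholder)
#              203.0.113.20  = server (B) public IP (placeholder)
#              firewall zone covering the internet uplink is named 'wan'
#              the forwarded service uses TCP and/or UDP

# Step 1: DNAT. Packets arriving on wan for (A) ports 2000-2005 get their
# destination rewritten to (B). Match on the destination port
# (src_dport), not on the client's source port, which is ephemeral.
config redirect
	option name 'wan-to-B-dnat'
	option target 'DNAT'
	option src 'wan'
	option src_dport '2000-2005'
	option dest 'wan'
	option dest_ip '203.0.113.20'
	option dest_port '2000-2005'
	option proto 'tcp udp'

# Step 2: SNAT. When the rewritten packet leaves through wan towards (B),
# its source is rewritten to (A). Without this, (B) would answer the
# client directly and the client would discard a reply from an address
# it never contacted.
# In a fw3 'nat' section, 'src' names the zone the packet leaves through.
config nat
	option name 'wan-to-B-snat'
	option target 'SNAT'
	option src 'wan'
	option dest_ip '203.0.113.20'
	option dest_port '2000-2005'
	option proto 'tcp udp'
	option snat_ip '198.51.100.10'
```

With the SNAT rule in place, (B) sees every forwarded connection as coming from (A), so a rule on (B) that only allows traffic from (A) still works, but (B)'s logs no longer show the original client addresses.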