10879 questions

12963 answers

20221 comments

26148 members

0 votes
54 views 4 comments
by
Hello,

I have in my LAN a device and a RUT240 which is connected mobile with the internet. Now the device send data packages to a server outside my network. The server IP is determined by my device and cannot be changed. Now I want to use another server with a different IP. Unfortunately I can't enter this new IP in my device. Is it possible that the RUT changes the IP from my device in order to sent the data to my new server? Thank you. Andreas

1 Answer

0 votes
by

Hello,

From a ssh or CLI console try:

iptables -t nat -A PREROUTING -p tcp -d old-server -j DNAT --to-destination new-server
iptables -t nat -A PREROUTING -p udp -d old-server -j DNAT --to-destination new-server
iptables -t nat -A PREROUTING -p icmp -d old-server -j DNAT --to-destination new-server

Replace old-server and new-sever as appropriate. If you are satisfied with the rules put them in the firewall's custom rules.

Regards,

by
Thank you for your quick response. I'm really a beginner. Sorry. The adress of my old server I do not know. My new ftp would be like this:"abc.bplaced.net". But it would be ok if all traffic goes to the new ftp. Could you please show me for one line how it must looks like detailed in my example ?. Thanks.
by

The address of my old server I do not know.

That's annoying ... If it is a ftp server try a tcpdump -i any -n -v 'port 21' on the router and look at the destination address your device is trying to reach in the tcp SYN packets, and use this value as old-address in the iptables command.

My new ftp would be like this:"abc.bplaced.net"

This address can be used as is or you can replace it with the result of nslookup abc.bplaced.net. So the command becomes:

iptables -t nat -A PREROUTING -p tcp -d old-server -j DNAT --to-destination abc.bplaced.net

by

The problem is that my device is not at my home location.I hoped that we can take something like "all" (instead of old server). But I noticed another problem. What will I do with the ftp user/passwort. Not easy for me frown. Thanks for your patience.

by

>I hoped that we can take something like "all" (instead of old server)

Then just remove the -d old-server option from the iptables command.

>What will I do with the ftp user/passwort

They shouldn't change.