Jump to content
TorGuard
  • 0
ErsenOs

Port Forward Worked on DSM but not on ASUS AC86U Help

Rate this question

Question

ErsenOs

Have been running a VPN through my Synology Box with port forwading, has been working great!

BUT

I have recently purchased a Asus RT-AC96U, running merlin firmware, i want that to control my networks VPN

I have setup OpenVPN file which is working fine but the port forwarding isnt working

 

I am using exactly the same files and the same setup but i just cant get it to open my specified VPN port which is 5151

 

help me

1.jpg

2.jpg

3.jpg

4.jpg

Share this post


Link to post
Share on other sites

8 answers to this question

Recommended Posts

  • 0
ErsenOs

Well i figured it out, have to connect to the router via SSH and do this, whatever it all means lol

iptables -I FORWARD -i tun12 -p udp -d 192.168.0.39 --dport 5151 -j ACCEPT
iptables -I FORWARD -i tun12 -p tcp -d 192.168.0.39 --dport 5151 -j ACCEPT
iptables -t nat -I PREROUTING -i tun12 -p tcp --dport 5151 -j DNAT --to-destination 192.168.0.39
iptables -t nat -I PREROUTING -i tun12 -p udp --dport 5151 -j DNAT --to-destination 192.168.0.39

 

maybe this will help others

 

 

i have also figured out how to run this script when the router starts automatically

 

anyone need help let me know

Edited by ErsenOs

Share this post


Link to post
Share on other sites
  • 0
Support
On 07/03/2018 at 11:30 AM, ErsenOs said:

Well i figured it out, have to connect to the router via SSH and do this, whatever it all means lol

iptables -I FORWARD -i tun12 -p udp -d 192.168.0.39 --dport 5151 -j ACCEPT
iptables -I FORWARD -i tun12 -p tcp -d 192.168.0.39 --dport 5151 -j ACCEPT
iptables -t nat -I PREROUTING -i tun12 -p tcp --dport 5151 -j DNAT --to-destination 192.168.0.39
iptables -t nat -I PREROUTING -i tun12 -p udp --dport 5151 -j DNAT --to-destination 192.168.0.39

 

maybe this will help others

 

 

i have also figured out how to run this script when the router starts automatically

 

anyone need help let me know

 

Thanks, the port forwarding interface on the router won't take into consideration the VPN interface and so you have to use these iptable rules to forward the port to the correct LAN device.

Glad you got that going.

Regards

Share this post


Link to post
Share on other sites
  • 0
Rhyno

are you only able to point this to a single host or are you able to forward the traffic to the OpenVPN server running on the router? For example, I want to be able to connect to my OpenVPN server running on the router while i am also using the OpenVPN client to connect to torguard vpn.

Share this post


Link to post
Share on other sites
  • 0
Support
On 3/28/2019 at 1:33 PM, Rhyno said:

are you only able to point this to a single host or are you able to forward the traffic to the OpenVPN server running on the router? For example, I want to be able to connect to my OpenVPN server running on the router while i am also using the OpenVPN client to connect to torguard vpn.

 

Yes, that is still possible, you can open the OpenVPN port your server runs on and then point the port forward to the router IP.

Regards

Share this post


Link to post
Share on other sites
  • 0
Rhyno

Using similar iptables commands as the ones shown above doesn't seem to do the trick. I pointed them to the OpenVPN Server IP for example:

my VPN client on the router is connecting over port 1195, so that shouldn't interfere with 1194 on the openVPN server.

 

iptables -I FORWARD -i tun12 -p udp -d 192.168.5.1 --dport 1194 -j ACCEPT
iptables -I FORWARD -i tun12 -p tcp -d 192.168.5.1 --dport 1194 -j ACCEPT
iptables -t nat -I PREROUTING -i tun12 -p tcp --dport 1194 -j DNAT --to-destination 192.168.5.1
iptables -t nat -I PREROUTING -i tun12 -p udp --dport 1194 -j DNAT --to  192.168.5.1

Share this post


Link to post
Share on other sites
  • 0
Support
On 4/2/2019 at 11:17 PM, Rhyno said:

Using similar iptables commands as the ones shown above doesn't seem to do the trick. I pointed them to the OpenVPN Server IP for example:

my VPN client on the router is connecting over port 1195, so that shouldn't interfere with 1194 on the openVPN server.

 

iptables -I FORWARD -i tun12 -p udp -d 192.168.5.1 --dport 1194 -j ACCEPT
iptables -I FORWARD -i tun12 -p tcp -d 192.168.5.1 --dport 1194 -j ACCEPT
iptables -t nat -I PREROUTING -i tun12 -p tcp --dport 1194 -j DNAT --to-destination 192.168.5.1
iptables -t nat -I PREROUTING -i tun12 -p udp --dport 1194 -j DNAT --to  192.168.5.1

 

You can't open port 1194 on the TG OpenVPN server as we use that port, you need to change the server port on your end to a port above 2048 and then open that on the Tg IP your connecting with.

Share this post


Link to post
Share on other sites
  • 0
Rhyno

Correct, which is why i put using "Similar" ip tables. The ports I and IP addresses i am using are not the ones shown in the commands. They are >2048 range to allow for the port forwarding.

Share this post


Link to post
Share on other sites
  • 0
GPJJ
On 3/14/2018 at 1:27 AM, Support said:

 

Thanks, the port forwarding interface on the router won't take into consideration the VPN interface and so you have to use these iptable rules to forward the port to the correct LAN device.

Glad you got that going.

Regards

Hi,

brand new here ; can you pls further explain your answer. I have more or less the same issue ie: I have set-up VPN for my ASUS router and assigned my Synology NAS. I see that the NAS is well going thru the VPN but then I cannot connect anymore from the internet on my NAS .... any suggestions ? (I opened a ticket but they seems out of idea ....)

Thanks,

GP.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×