TorGuard
Incoming Connections and DDNS

Question

Oldschool

I have a media server I would like to access from outside my network. I have a DDWRT router configured so the entire network connects through TorGuard. I used to have a DDNS account and I was able to use it to connect with my server, but it looks like TorGuard does not allow incoming connections through the VPN for this purpose. Am I correct? How can I configure my setup to allow an incoming connection from the outside?


4 answers to this question

  • 0
Support

We would need to open this port for you. Which media server are you running?

 

Regards

  • 0
Support

OK, you will need to submit a ticket for this.

 

Regards

  • 0
Guest

Alternatively you could use an iptables script to modify the mangle table to selectively route through VPN. I have tomato firmware but ddwrt should also have an area for start-up/wan-up scripts.

 

http://www.linksysinfo.org/index.php?threads/route-only-specific-ports-through-vpn-openvpn.37240/

 

Post #9 is the template I used but slightly modified. You would only have to modify the last couple lines. Instead of marking all traffic as bypassing the VPN I changed it to default all connections through VPN with selective IP/port/destinations to bypass the VPN. My WAN-up script is shown below. The last 4 lines are all that I changed.

 

 

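# Disable reverse-path filtering so packets routed by mark are not dropped by the rp check
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
 echo 0 > "$i"
done
# Clear table 100 and the fwmark rule left over from any earlier run
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING
# Copy every non-default, non-VPN (tun11) route from the main table into table 100
ip route show table main | grep -Ev ^default | grep -Ev tun11 \
 | while read ROUTE ; do
     ip route add table 100 $ROUTE
done
# Table 100 defaults to the WAN gateway; packets carrying fwmark 1 are looked up there
ip route add default table 100 via $(nvram get wan_gateway)
ip rule add fwmark 1 table 100
ip route flush cache

# Mark 0 = through the VPN (default), mark 1 = bypass the VPN
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 0
iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.200 -p tcp --sport 32400 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.200 -d plex.tv -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.211 -p udp --dport 443 -j MARK --set-mark 1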

 

This line tells all traffic from the in-interface br0 (internal LAN) to initially go through the VPN (tun11 is the VPN).

iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 0

 

This line says to allow traffic from source IP 192.168.2.200 with protocol TCP from source port 32400 to bypass the VPN. (Plex server)

iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.200 -p tcp --sport 32400 -j MARK --set-mark 1

 

This line says to allow traffic from source IP ... with destination plex.tv to bypass the VPN.

iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.200 -d plex.tv -j MARK --set-mark 1

 

This line says to let traffic from source IP ... with protocol UDP for destination port 443 bypass the VPN. (This is a separate computer with the VPN client installed)

iptables -t mangle -A PREROUTING -i br0 -s 192.168.2.211 -p udp --dport 443 -j MARK --set-mark 1

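An added example, not part of the thread or the poster's script: the mangle rules in the answer above decide which LAN flows leave outside the VPN, so it helps to audit what the chain actually marks. This sketch parses `iptables -t mangle -S PREROUTING` output (assuming an iptables build that supports `-S`); the sample rules are constructed, 203.0.113.10 is a placeholder for whatever `plex.tv` resolved to, and the function name `audit_marks` is hypothetical.

```shell
#!/bin/sh
# Added example: audit which flows a mangle PREROUTING chain marks for bypass.
# In the script above, fwmark 1 selects table 100 (default route via the WAN gateway).

# Constructed sample of `iptables -t mangle -S PREROUTING` output for the four
# rules in the post. 203.0.113.10 is a placeholder for the address plex.tv
# resolved to when the rule was loaded (iptables resolves names once, at insert).
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i br0 -j MARK --set-xmark 0x0/0xffffffff
-A PREROUTING -s 192.168.2.200/32 -i br0 -p tcp -m tcp --sport 32400 -j MARK --set-xmark 0x1/0xffffffff
-A PREROUTING -s 192.168.2.200/32 -d 203.0.113.10/32 -i br0 -j MARK --set-xmark 0x1/0xffffffff
-A PREROUTING -s 192.168.2.211/32 -i br0 -p udp -m udp --dport 443 -j MARK --set-xmark 0x1/0xffffffff'

# audit_marks (hypothetical name): reads rules on stdin, prints one line per finding.
#   BYPASS src dst proto port   rule sets mark 1 for a specific source
#   WIDE   src dst proto port   rule sets mark 1 with no -s, so the whole LAN matches
#   RESET-AFTER-BYPASS rule N   unconditional mark 0 after a mark 1 rule; MARK does
#                               not stop traversal, so the later rule wins
audit_marks() {
    awk '
    $1 != "-A" { next }                      # skip the chain policy line
    {
        n++
        mark = ""; src = "any"; dst = "any"; proto = "any"; port = "-"
        for (i = 3; i <= NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-d") dst = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--sport" || $i == "--dport") port = substr($i, 3) "=" $(i + 1)
            if ($i == "--set-mark" || $i == "--set-xmark") {
                split($(i + 1), m, "/"); mark = m[1]
            }
        }
        if (mark == "1" || mark == "0x1") {
            seen++
            tag = (src == "any") ? "WIDE" : "BYPASS"
            print tag, src, dst, proto, port
        } else if ((mark == "0" || mark == "0x0") && seen > 0 &&
                   src == "any" && dst == "any" && port == "-") {
            print "RESET-AFTER-BYPASS rule", n
        }
    }'
}

printf '%s\n' "$SAMPLE_RULES" | audit_marks
```

On a router, pipe the live chain into the function instead of the sample; any `WIDE` or `RESET-AFTER-BYPASS` line means the chain does not route traffic the way the per-rule descriptions say.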
