Port forwarding question

Thread replies: 8
Thread images: 1

Anonymous
Port forwarding question 2016-05-26 20:13:15 Post No. 54755576
[Report] Image search: [Google]

File: forward-two-ports-to-two-different-computers.jpg (29 KB, 599x229) Image search: [Google]

Port forwarding question Anonymous 2016-05-26 20:13:15 Post No. 54755576 [Report]

I have a question regarding port forwarding and I hope you can help.
I have two machines that are accessible over public IP, let's call them 1 and 2.
I need to access a web service that runs on 2 but I can't as for some reason the IP is blacklisted and I can't do anything about that.
Machine 1, on the other hand, can be accessed without restrictions.
How can I use machine 1 as a traffic bridge towards the service on machine 2?
I know I could do a simple port forwarding on the firewall but that wouldn't work as the return traffic would come with the IP of machine 2 and would be blocked.
Another solution I'm thinking of is a VPN, but I would like to know if there is something else.
I'm running FreeBSD 10 on both machines btw.

>>

Anonymous 2016-05-26 20:16:05 Post No.54755615
[Report]

Anonymous 2016-05-26 20:16:05 Post No.54755615 [Report]

>>54755576
Send all traffic to the available computer, have the available computer use iptables to redirect traffic on a certain port to the non available computer, and iptables to forward returned traffic as well

>>

Anonymous 2016-05-26 20:18:06 Post No.54755641
[Report]

Anonymous 2016-05-26 20:18:06 Post No.54755641 [Report]

>>54755576
Look at DMZ maybe that can help you

>>

Anonymous 2016-05-26 20:20:56 Post No.54755682
[Report]

Anonymous 2016-05-26 20:20:56 Post No.54755682 [Report]

>>54755576
Do you a firewall like ASA or is it a home router?

>>

Anonymous 2016-05-26 20:53:38 Post No.54756205
[Report]

Anonymous 2016-05-26 20:53:38 Post No.54756205 [Report]

>>54755615
>>54755641
>>54755682
Thanks for the replies.
So, I control both machines and their network 100%: 1 is a VPN while 2 is a machine I have at home.
I run pf as firewall on machine 1 and openwrt as router/firewall on my home network

>>

Anonymous 2016-05-26 21:15:48 Post No.54756481
[Report]

Anonymous 2016-05-26 21:15:48 Post No.54756481 [Report]

>>54755615
>>54755641
>>54755682
One is a VPS, sorry.
Pretty much what I'm looking for is something like SSH tunneling but for a web server

>>

Anonymous 2016-05-26 21:49:13 Post No.54756944
[Report]

Anonymous 2016-05-26 21:49:13 Post No.54756944 [Report]

The IP of machine 2 is "blacklisted"? Can you elaborate?

The openwrt router is performing NAT, right? Are the IP addresses of both hosts in one of the RFC1918 ranges?

192.168.0.0/16
172.16.0.0/12
10.0.0.0/8

Are they both assigned in the same range, assuming you have a single downstream interface on the router running openwrt?

>>

Anonymous 2016-05-26 22:55:50 Post No.54758133
[Report]

Anonymous 2016-05-26 22:55:50 Post No.54758133 [Report]

>>54756944
For whatever reason from the network I can't connect to the public IP of machine 2. It doesn't matter the port or the service, as soon as the SYN is sent, an ACK/RST is received. Only ICMP traffic can pass.
The IP address of machine 1 is a public IP while machine 2 is in my home network (192.168.0.0/24) which is NATted. On my firewall the port is open and port forwarding is enable.
I don't know if on machine 1 I could put a special rule in PF to NAT a port towards the public IP of machine 2?