Discussion:
Proxy redirect to different server
Paul Spicer
2013-05-13 21:25:19 UTC
Permalink
Alright, I'm not entirely sure what the best way to word this is, but I'm
going to take a stab at it...

What I'm trying to find out is how to set up a Linux server to act as a
proxy / redirect machine for a specific server.

Here's the scenario: We have a remote site (192.168.100.0) connected to our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this server
with no problems. Thing is, that remote site doesn't have a static public
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside access.
Problem is, while OpenVPN will forward the internet traffic to that server
just fine, that remote server is trying to send it's reply to the public
address that made the request (and not through the VPN tunnel).

My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address will
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.

A crude diagram of what I'm trying to accomplish:
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote server]

I can not find any how-tos or tutorials explaining how to do what I want. I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.

So, does anyone have any idea what I'm trying to accomplish and have any
suggestions?
Robert Mckennon
2013-05-14 01:33:27 UTC
Permalink
Paul, perhaps I'm missing something, but wouldn't Dynamic DNS solve the
problem? It automatically updates DNS when ever your public IP address
changes, and there are numerous free DDNS providers out there.

Rob
Post by Paul Spicer
Alright, I'm not entirely sure what the best way to word this is, but I'm
going to take a stab at it...
What I'm trying to find out is how to set up a Linux server to act as a
proxy / redirect machine for a specific server.
Here's the scenario: We have a remote site (192.168.100.0) connected to our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this server
with no problems. Thing is, that remote site doesn't have a static public
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside access.
Problem is, while OpenVPN will forward the internet traffic to that server
just fine, that remote server is trying to send it's reply to the public
address that made the request (and not through the VPN tunnel).
My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address will
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote server]
I can not find any how-tos or tutorials explaining how to do what I want. I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.
So, does anyone have any idea what I'm trying to accomplish and have any
suggestions?
Paul Spicer
2013-05-14 01:46:43 UTC
Permalink
I suppose you are missing something. This remote site is running off of a
cellular hot-spot. As such, it won't work with a DDNS provider because it
has no static inbound address. (We tried that... Every time it
re-registered to dyndns, it was a different address...
Post by Robert Mckennon
Paul, perhaps I'm missing something, but wouldn't Dynamic DNS solve the
problem? It automatically updates DNS when ever your public IP address
changes, and there are numerous free DDNS providers out there.
Rob
Post by Paul Spicer
Alright, I'm not entirely sure what the best way to word this is, but I'm
going to take a stab at it...
What I'm trying to find out is how to set up a Linux server to act as a
proxy / redirect machine for a specific server.
Here's the scenario: We have a remote site (192.168.100.0) connected to our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this server
with no problems. Thing is, that remote site doesn't have a static public
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside access.
Problem is, while OpenVPN will forward the internet traffic to that server
just fine, that remote server is trying to send it's reply to the public
address that made the request (and not through the VPN tunnel).
My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address will
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote server]
I can not find any how-tos or tutorials explaining how to do what I want. I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.
So, does anyone have any idea what I'm trying to accomplish and have any
suggestions?
Andrew Leslie
2013-05-14 02:42:09 UTC
Permalink
The issue with cellular internet is that it's NAT behind NAT so you'll
never get a true public IP.

(Sorry for the duplicate Paul, forgot to cc the list.)
Post by Paul Spicer
I suppose you are missing something. This remote site is running off of a
cellular hot-spot. As such, it won't work with a DDNS provider because it
has no static inbound address. (We tried that... Every time it
re-registered to dyndns, it was a different address...
Post by Robert Mckennon
Paul, perhaps I'm missing something, but wouldn't Dynamic DNS solve the
problem? It automatically updates DNS when ever your public IP address
changes, and there are numerous free DDNS providers out there.
Rob
Post by Paul Spicer
Alright, I'm not entirely sure what the best way to word this is, but
I'm
Post by Robert Mckennon
Post by Paul Spicer
going to take a stab at it...
What I'm trying to find out is how to set up a Linux server to act as a
proxy / redirect machine for a specific server.
Here's the scenario: We have a remote site (192.168.100.0) connected to our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this
server
Post by Robert Mckennon
Post by Paul Spicer
with no problems. Thing is, that remote site doesn't have a static
public
Post by Robert Mckennon
Post by Paul Spicer
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside access.
Problem is, while OpenVPN will forward the internet traffic to that
server
Post by Robert Mckennon
Post by Paul Spicer
just fine, that remote server is trying to send it's reply to the public
address that made the request (and not through the VPN tunnel).
My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address
will
Post by Robert Mckennon
Post by Paul Spicer
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote
server]
Post by Robert Mckennon
Post by Paul Spicer
I can not find any how-tos or tutorials explaining how to do what I
want.
Post by Robert Mckennon
Post by Paul Spicer
I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.
So, does anyone have any idea what I'm trying to accomplish and have any
suggestions?
Jared Fowkes
2013-05-14 12:09:04 UTC
Permalink
It would seem that your problem is that your server routing traffic to the
wrong gateway.

I'm not completely familiar with VPN software, but I've seen some VPN
clients ( Microsoft Windows and Cisco ) that have an option to route all
traffic through the default gateway of the remote VPN, which should solve
your problem if I understand properly.
Post by Andrew Leslie
The issue with cellular internet is that it's NAT behind NAT so you'll
never get a true public IP.
(Sorry for the duplicate Paul, forgot to cc the list.)
Post by Paul Spicer
I suppose you are missing something. This remote site is running off of a
cellular hot-spot. As such, it won't work with a DDNS provider because it
has no static inbound address. (We tried that... Every time it
re-registered to dyndns, it was a different address...
Post by Robert Mckennon
Paul, perhaps I'm missing something, but wouldn't Dynamic DNS solve the
problem? It automatically updates DNS when ever your public IP address
changes, and there are numerous free DDNS providers out there.
Rob
Post by Paul Spicer
Alright, I'm not entirely sure what the best way to word this is, but
I'm
Post by Robert Mckennon
Post by Paul Spicer
going to take a stab at it...
What I'm trying to find out is how to set up a Linux server to act as
a
Post by Paul Spicer
Post by Robert Mckennon
Post by Paul Spicer
proxy / redirect machine for a specific server.
Here's the scenario: We have a remote site (192.168.100.0) connected
to
Post by Paul Spicer
Post by Robert Mckennon
Post by Paul Spicer
our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this
server
Post by Robert Mckennon
Post by Paul Spicer
with no problems. Thing is, that remote site doesn't have a static
public
Post by Robert Mckennon
Post by Paul Spicer
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside
access.
Post by Paul Spicer
Post by Robert Mckennon
Post by Paul Spicer
Problem is, while OpenVPN will forward the internet traffic to that
server
Post by Robert Mckennon
Post by Paul Spicer
just fine, that remote server is trying to send it's reply to the
public
Post by Paul Spicer
Post by Robert Mckennon
Post by Paul Spicer
address that made the request (and not through the VPN tunnel).
My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address
will
Post by Robert Mckennon
Post by Paul Spicer
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote
server]
Post by Robert Mckennon
Post by Paul Spicer
I can not find any how-tos or tutorials explaining how to do what I
want.
Post by Robert Mckennon
Post by Paul Spicer
I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.
So, does anyone have any idea what I'm trying to accomplish and have
any
Post by Paul Spicer
Post by Robert Mckennon
Post by Paul Spicer
suggestions?
Tim Holloway
2013-05-16 11:02:28 UTC
Permalink
Post by Paul Spicer
Alright, I'm not entirely sure what the best way to word this is, but I'm
going to take a stab at it...
What I'm trying to find out is how to set up a Linux server to act as a
proxy / redirect machine for a specific server.
Here's the scenario: We have a remote site (192.168.100.0) connected to our
local network (192.168.1.0) through OpenVPN. At that site, we have a server
(192.168.100.10). Locally, we can connect and communicate with this server
with no problems. Thing is, that remote site doesn't have a static public
IP address. Our thoughts: use one of the static IPs available to us locally
and forward traffic to the remote server, thus allowing outside access.
Problem is, while OpenVPN will forward the internet traffic to that server
just fine, that remote server is trying to send it's reply to the public
address that made the request (and not through the VPN tunnel).
My thought was to set up a server on our local network that would do
nothing but act as a proxy for the remote server. The public address will
forward to this proxy and all traffic will route to the remote server,
appearing to originate from the local network. The remote server will reply
as it should and the proxy will feed the information back to the requesting
public address.
(internet)---[Local network]---[proxy/redirect]---{VPN}---[remote server]
I can not find any how-tos or tutorials explaining how to do what I want. I
found numerous proxy tutorials as well as tutorials on how to redirect
traffic, but nothing combining the two into one convenient server.
So, does anyone have any idea what I'm trying to accomplish and have any
suggestions?
You can use IPTABLES to proxy as long as there is a way of clearly
determining what traffic goes to the public machine and what traffic
goes to the private machine. Basically, you'd sub-let the public
machine's IP address for the selected port(s) to the private machine.

Some routers can also do this.

Tim



---------------------------------------------------------------------
Archive http://marc.info/?l=jaxlug-list&r=1&w=2
RSS Feed http://www.mail-archive.com/list-QVYiWngmsdMdnm+***@public.gmane.org/maillist.xml
Unsubscribe list-unsubscribe-QVYiWngmsdMdnm+***@public.gmane.org
Loading...