Problem Carrier Grade Nat workaround with Azure Server.
Posted: Thu Sep 26, 2019 12:12 pm
I'm working on a solution for carrier grade NAT workaround.
New LTE wireless ISP can only offer carrier grade NAT (no public IP only a private IP is supplied to our routeur/firewall). We need to port forward certain ports for business purposes.
I have setup up a Azure Ubuntu Server VM which has a public IP. I have installed SoftEther server on the Ubuntu VM (vpn IP: 192.168.30.1) with a virtual hub /local bridge witch seems to be working. the client machine running SoftEther VPN client can connect to the vpn server and obtains a vpn IP adresse (192.168.30.200) and the ping works in both directions from vm to client and client to vm.
I have setup Iptables and DNSmasq (on the Ubuntu VM). i have opened port in the Azure control panel
I have setup static local ip the will be receiving the portforword
i've creted /etc/ethers with MAC address and IP of portforward destination
here is output of iptables:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
ACCEPT tcp -- anywhere 192.168.30.200 tcp dpt:5900
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
the problem is that the port forward does not work . should i setup a SoftEther server on lan side instead of client and create bridge.
Any help would be appreciated.
New LTE wireless ISP can only offer carrier grade NAT (no public IP only a private IP is supplied to our routeur/firewall). We need to port forward certain ports for business purposes.
I have setup up a Azure Ubuntu Server VM which has a public IP. I have installed SoftEther server on the Ubuntu VM (vpn IP: 192.168.30.1) with a virtual hub /local bridge witch seems to be working. the client machine running SoftEther VPN client can connect to the vpn server and obtains a vpn IP adresse (192.168.30.200) and the ping works in both directions from vm to client and client to vm.
I have setup Iptables and DNSmasq (on the Ubuntu VM). i have opened port in the Azure control panel
I have setup static local ip the will be receiving the portforword
i've creted /etc/ethers with MAC address and IP of portforward destination
here is output of iptables:
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
ACCEPT tcp -- anywhere 192.168.30.200 tcp dpt:5900
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- 192.168.30.0/24 anywhere state NEW
the problem is that the port forward does not work . should i setup a SoftEther server on lan side instead of client and create bridge.
Any help would be appreciated.