Ip Tables Help!
gcm
Hi,
I have a Linux router set up and I want to forward all requests on 3389 (terminal server) to an internal IP address.

This is what I have so far, but it doesn't work. I get the "Client could not connect to the remote computer" error when I try.
******************************************************************************

$IPTABLES -A INPUT -i $EXTIF -p tcp --sport 3389 -j ACCEPT
$IPTABLES -A OUTPUT -o $INTIF -p tcp --sport 3389 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -p tcp -i $EXTIF -d $EXTIF --dport 3389 -j DNAT --to 192.168.0.194:3389
$IPTABLES -A FORWARD -p tcp -i $EXTIF -d 192.168.0.194 --dport 3389 -j ACCEPT


******************************************************************************
$EXTIF = External Interface
$INTIF = Internal Interface (192.168.0.1)
Target computer for Terminal Server = 192.168.0.194

Can someone please tell me what I need to do to get this working?
Robert83
Hi,

This is what mine looks like. I'm allowing a remote client to use UltraVNC to connect to one of my internal servers....

xxx.xxx.xxx.xxx = remote public ip address
yyy.yyy.yyy.yyy = firewall internal ip address
192.168.2.10 = server running ultravnc on port 5900

iptables -A FORWARD -i eth1 -s xxx.xxx.xxx.xxx -d yyy.yyy.yyy.yyy -p tcp --dport 5900 -j ACCEPT
iptables -t nat -A PREROUTING -p tcp -d yyy.yyy.yyy.yyy --dport 5900 -j DNAT --to 192.168.2.10:5900

I hope this helps, and I hope that I wrote this down correctly :)

Sincerely
Robert B
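
Added example, not part of either post above: a small sh script that prints a DNAT port-forward rule set for review instead of applying it. It keeps -i (interface name) and -d (address) as separate values, matches the FORWARD rule on the rewritten internal destination, and admits replies; the function names, eth0 and 203.0.113.10 are assumptions, and the optional fifth argument restricts the source address as the second post does.

```sh
#!/bin/sh
# Added example: prints (does not apply) a port-forward rule set for review.
# Function names are hypothetical; eth0 and 203.0.113.10 are constructed values.

valid_ipv4() {
    # Dotted quad only: -d takes an address, -i takes an interface name.
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# usage: forward_rules EXT_IF EXT_IP TARGET_IP PORT [ALLOWED_SRC_IP]
forward_rules() {
    ext_if=$1 ext_ip=$2 target=$3 port=$4 src=${5:-} src_match=
    case "$ext_if" in ''|*[!A-Za-z0-9_.:-]*) return 2 ;; esac
    valid_ipv4 "$ext_ip" && valid_ipv4 "$target" && valid_port "$port" || return 2
    if [ -n "$src" ]; then
        valid_ipv4 "$src" || return 2
        src_match=" -s $src"   # limit who may connect, as in the second post
    fi
    # The kernel only routes between interfaces when forwarding is enabled.
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Rewrite the destination before the routing decision is made.
    echo "iptables -t nat -A PREROUTING -i $ext_if -p tcp$src_match -d $ext_ip --dport $port -j DNAT --to-destination $target:$port"
    # After DNAT the packet is addressed to the internal host, so it
    # traverses FORWARD (not INPUT/OUTPUT) with the rewritten destination.
    echo "iptables -A FORWARD -i $ext_if -p tcp$src_match -d $target --dport $port -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    # Replies from the internal host back out through the external interface.
    echo "iptables -A FORWARD -o $ext_if -p tcp -s $target --sport $port -m conntrack --ctstate ESTABLISHED -j ACCEPT"
}

# The thread's RDP case (192.168.0.194:3389 from the original post).
forward_rules eth0 203.0.113.10 192.168.0.194 3389
```

Review the printed commands, then run them as root; an interface name passed where an address is expected makes the function return 2 and print nothing.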