I have a VPS server with 2 public IP addresses and I would like one of them to point to my NAS at home, which is connected directly to the router. I have a VPN configured on both the VPS server and the router already and it seems to work properly, i.e. I can connect from the VPS to the NAS using the private IP address, and ping works as well in both directions.
The connection looks as follows: VPS -> router -> NAS
Now I have executed the following commands on the VPS:
iptables -A FORWARD -i eth0 -o tun0 -d 192.168.1.100 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i tun0 -o eth0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -d SECONDARY_PUBLIC_IP -j DNAT --to-destination 192.168.1.100 -i eth0
iptables -t nat -A POSTROUTING -s 192.168.1.100 -j SNAT --to SECONDARY_PUBLIC_IP -o eth0
When I launch tcpdump on the VPS (tcpdump -i tun0) I can see:
08:08:20.302382 IP PUBLIC_IP.44358 > 192.168.1.100.ssh: Flags [S], seq 3107117489, win 64240, options [mss 1460,sackOK,TS val 328826691 ecr 0,nop,wscale 7], length 0
But I don't see any incoming traffic in tcpdump on my router. Why? What am I doing wrong?
192.168.1.100 is the IP of my NAS, and the router has 192.168.1.1 assigned. Could you help me, guys?