I have an OpenWrt router running 12.09 r36088.
Everything has been working correctly. The router has OpenVPN installed so that I can access machines remotely.
I'm now trying to run OpenVPN on another machine on the network behind the router. I'm doing this so that remote phones can use their built-in OpenVPN software and connect directly.
I'm using port 1194 for the router's OpenVPN and trying to use 1190 for the PBX machine.
Let's call the machines RTR (router) and PBX (Raspberry Pi running Asterisk/FreePBX and OpenVPN).
Presently, I can log into RTR without problems. When I try to log into PBX, I never hit the machine (i.e. no logs are updated). This leads me to believe I'm getting dropped at the router.
I have the following lines in firewall.user:
# lines for RTR's OpenVPN
iptables -t nat -A prerouting_wan -p udp --dport 1194 -j ACCEPT
iptables -A input_wan -p udp --dport 1194 -j ACCEPT
# add additional firewall accept for Raspi OpenVPN instance
iptables -I FORWARD 1 -d 192.168.40.210 -p tcp --dport 1190 -j ACCEPT
iptables -t nat -A PREROUTING -p udp --dport 1190 -j DNAT --to 192.168.40.210:1190
Under Network - Firewall - Port Forwards in LuCI, I have created this rule:
Match: IPv4-TCP, UDP
From any host in wan
Via any router IP at port 1190
Forward to: IP 192.168.40.210, port 1190 in lan
Under edit, Enable NAT loopback is ticked.
I have the rule enabled. If there is a way to do this forward in firewall.user, I'll take the 'line' and paste it in; I just don't have a handle on all the syntax.
So, I'd like to have 1190 redirected to 192.168.40.210 and have it go into that VPN directly, and bypass the router.
Thanks for any help.
Andrew
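
A consistency check over the firewall.user lines quoted above, as an added example that is not part of the original post: it pairs each DNAT rule with a FORWARD ACCEPT for the same protocol, destination and port, and reports the DNAT rules that have no pair. The function names are hypothetical, and the check sees only the lines it is given, not rules that LuCI or other scripts add.

```python
import shlex

# The four iptables lines from the post's firewall.user, copied unchanged.
FIREWALL_USER = """\
iptables -t nat -A prerouting_wan -p udp --dport 1194 -j ACCEPT
iptables -A input_wan -p udp --dport 1194 -j ACCEPT
iptables -I FORWARD 1 -d 192.168.40.210 -p tcp --dport 1190 -j ACCEPT
iptables -t nat -A PREROUTING -p udp --dport 1190 -j DNAT --to 192.168.40.210:1190
"""

# iptables options this check reads, mapped to the field they fill.
FLAGS = {"-t": "table", "-p": "proto", "-d": "dst", "--dport": "dport",
         "-j": "target", "--to": "to", "--to-destination": "to"}

def parse_rule(line):
    """Parse one iptables command into a dict; return None for other lines."""
    tokens = shlex.split(line, comments=True)
    if not tokens or tokens[0] != "iptables":
        return None
    rule = dict.fromkeys(("chain", "proto", "dst", "dport", "target", "to"))
    rule["table"] = "filter"  # iptables uses the filter table when -t is absent
    for i, tok in enumerate(tokens[:-1]):
        if tok in ("-A", "-I"):
            rule["chain"] = tokens[i + 1]
        elif tok in FLAGS:
            rule[FLAGS[tok]] = tokens[i + 1]
    return rule

def unmatched_dnat(text):
    """Return DNAT rules lacking a FORWARD ACCEPT with the same proto/host/port."""
    rules = [r for r in map(parse_rule, text.splitlines()) if r]
    accepts = {(r["proto"], r["dst"], r["dport"]) for r in rules
               if (r["table"], r["chain"], r["target"]) == ("filter", "FORWARD", "ACCEPT")}
    findings = []
    for r in rules:
        if r["table"] != "nat" or r["target"] != "DNAT" or not r["to"]:
            continue
        host, _, port = r["to"].partition(":")
        port = port or r["dport"]  # DNAT without a port keeps the original one
        if (r["proto"], host, port) not in accepts:
            other = sorted(p for p, d, dp in accepts if p and (d, dp) == (host, port))
            findings.append({"proto": r["proto"], "host": host, "port": port,
                             "forward_accept_protos": other})
    return findings

if __name__ == "__main__":
    for f in unmatched_dnat(FIREWALL_USER):
        print("DNAT %(proto)s to %(host)s:%(port)s; FORWARD ACCEPT protos: %(forward_accept_protos)s" % f)
```

Run on the quoted lines, it reports the udp DNAT to 192.168.40.210:1190, for which the only FORWARD ACCEPT on that host and port is tcp.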