On 09/20/2015 03:40 PM, Marc Haber wrote: > Hi, > > On Sun, Sep 20, 2015 at 03:13:18PM -0400, Simon Deziel wrote: >> If I were to hop by an intermediary server, I'd probably try to do with >> NAT+forward only. Here is an untested IPtables version for the >> intermediary/relay server: >> >> iptables -t nat -A PREROUTING -s $STATIC_HOME_IP -p udp --dport 1194 \ >> -j DNAT --to my-openvpn-box >> iptables -A FORWARD -s $STATIC_HOME_IP -d my-openvpn-box -p udp \ >> --dport 1194 -j ACCEPT >> iptables -t nat -A POSTROUTING -d my-openvpn-box -p udp --dport 1194 \ >> -j MASQUERADE > > Unfortunately, it would be $DYNAMIC_HOME_IP here.
Leaving the "-s $STATIC_HOME_IP" out should still work. ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
