I have a VPN connection between two servers that I want to use to allow one to connect to the other's ports and use IPtables Prerouting to make it accessible from the other server. I do not want any normal traffic to be sent over the VPN (Web, Mail, Generic).
The command I am using for IPtables is
iptables -t nat -A PREROUTING -d myserver.com -p tcp --dport 3240 -j DNAT --to-dest 10.8.0.8:3240
where 10.8.0.8 is a static IP for the server using OpenVPN.
My OpenVPN client conf is
client
nobind
dev tun
remote-cert-tls server
remote myserver.com 1194 udp
key-direction 1
redirect-gateway def1
The issue is that when I add the redirect-gateway option at the bottom, all normal internet traffic is being sent across the VPN, which is not what I want. When I remove it, I lose the ability to use IPTables NAT for that server. I am not sure why this is the case because I am still able to connect with nc 10.8.0.8 3240, but IPTables is unable to forward the connection and I cannot find a location to get error logs for this.