I have a router from my ISP (Orange Funbox 2.0). In it, I forwarded port 6568 to my Raspberry Pi, which runs a Wireguard VPN. On the server, I set up port forwarding to the end device (my phone) with
iptables -t nat -A PREROUTING -4 -p tcp --dport 6568 -j DNAT --to-destination 192.168.2.2:6567
iptables -t nat -A PREROUTING -4 -p udp --dport 6568 -j DNAT --to-destination 192.168.2.2:6567
Here's a diagram of the network
I set up an HTTP server on the phone, listening on port 6567, and connected it to the VPN. Connecting from Home PC to 192.168.1.4:6568
shows that the connection works, and a web page is displayed. Connecting from outside my home network (ReqBin in the diagram) to the HTTP server on the Pi works as well. However, trying to reach the Phone (through the forwarded port on the router and then the VPN) from the outside network does not work. Neither Home PC, nor ReqBin can achieve a connection when going through the Home Router. iptables
counters show that the packets reach the server, and are processed correctly. Logs on the phone show no connections.
Where do the packets disappear?