I tried to google almost everything, but I am lost now. I have spent about two days trying to set this up. Can anybody help me?

The Problem:
I must have the main home router from my ISP, but they do not allow, let's say, any setup on their router. I have a NAS at home, which I need to access using port forwarding. So I decided to get around their router using a VPN and a server in the cloud, which has a public IP etc.

My current setup is (IP addresses redacted):
NAS (192.168.100.10) -> network (192.168.100.0/24) -> MikroTik router as VPN client (192.168.100.253, 192.168.101.3) -> VPN tunnel (192.168.101.0/24) -> cloud server as VPN server (192.168.102.10, 192.168.101.2, some public IP)

My NAS is accessible on ports 80 and 443 from the local network. On the MikroTik router, I have set up the OpenVPN client and connected it to the VPN server. The connection is correct in my opinion. The cloud server used as the OpenVPN server is Ubuntu 22.04 with OpenVPN Access Server installed and set up in the free edition - two connections allowed.

What I want:
I want to set it up so that if I access my OpenVPN server on its public IP on port 443, that traffic is forwarded to my NAS behind the VPN. I do not want to work with certificates on the OpenVPN server.

What I have:
I know that the VPN tunnel works, because when I set up nginx on my VPN server to accept incoming traffic on port 80 and set the proxy_pass to the IP server of my NAS, I am able to access my NAS on port 80 without any problems. On the MikroTik router, there is no firewall set up - it is set to allow all incoming traffic because it is not used for anything else right now. I do not want to work with SSL certificates on the OpenVPN server, so I do not want to set up nginx for port 443. I just want to route/forward the traffic coming in on port 443 to port 443 on the NAS. On the server, I have enabled IPv4 forwarding in sysconf and also tried to set up prerouting in iptables. But I am getting connection_timeout. Also, I set up logging of all 443 traffic on the MikroTik, but nothing is logged.

After all the googling and trying, I think the problem is that the server is not able to forward incoming traffic from the internet to the VPN. If I run wget against the IP of my NAS on port 443 from the OpenVPN server, it is successful.

Does anyone have any idea what could be wrong with the setup? Or where I should look for the mistake? Also, I can provide any other info needed. I know that the setup is probably overkill, but I would like to finish it now that I have port 80 working.

Thank you for any help.
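
As an added example (not part of the original question and not a diagnosis of it), the script below generates the rules a DNAT port forward into a VPN tunnel normally consists of, in `iptables-restore` format. The interface names `eth0` and `tun0` are assumptions; the address and port are the ones given in the post.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that forwards one TCP port
# from the VPN server's public interface to a host behind the tunnel.

forward_rules() {
    wan_if=$1 tun_if=$2 dest_ip=$3 port=$4
    # Accept only plain interface names, a dotted-quad address and a valid
    # port, so nothing unexpected ends up in the generated rules.
    for name in "$wan_if" "$tun_if"; do
        case $name in ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $name" >&2; return 1 ;; esac
    done
    case $port in ''|0*|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1 ;; esac
    [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }
    case $dest_ip in ''|*[!0-9.]*) echo "bad address: $dest_ip" >&2; return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $dest_ip; IFS=$old_ifs
    [ $# -eq 4 ] || { echo "bad address: $dest_ip" >&2; return 1; }
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] ||
            { echo "bad address: $dest_ip" >&2; return 1; }
    done
    cat <<EOF
*nat
# Rewrite the destination of connections arriving from the internet.
-A PREROUTING -i $wan_if -p tcp --dport $port -j DNAT --to-destination $dest_ip:$port
# Source-NAT them to the server's tunnel address so that replies are routed
# back through the tunnel.
-A POSTROUTING -o $tun_if -p tcp -d $dest_ip --dport $port -j MASQUERADE
COMMIT
*filter
# Appended rules: they only take effect if no earlier FORWARD rule drops the traffic.
-A FORWARD -i $wan_if -o $tun_if -p tcp -d $dest_ip --dport $port -j ACCEPT
-A FORWARD -i $tun_if -o $wan_if -p tcp -s $dest_ip --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the values in the post. To load it, pipe the output
# into: iptables-restore --noflush   (net.ipv4.ip_forward must also be 1).
forward_rules eth0 tun0 192.168.100.10 443
```

Whether packets actually match can be checked with the per-rule counters in `iptables -t nat -L PREROUTING -v -n` and `iptables -L FORWARD -v -n`.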
