Webhorizon NAT - ipv4 tcp port forwarding not working?
I'm not getting ipv4 tcp port forwarding to work.
I have set up:
Protol TCP
Source IP: 170.161.5x.xx
Source Port: xx21-10 =xx11
Destination IP: 10.37.110.xx
Destination port: 7172
Forwarding to http server.
The http server works on ipv6.
Any suggestions how to troubleshoot?
Comments
i am writing an article that has such info:
First check the host
if 0 "not enabled" then open a ticket and nicely ask.
my article will be done when i get some 4-5 hours free and its about installing wireguard-go on alpine.
Thank you.
I have
Where can I read your article?
hopefully will be published next week or after.
I dont know if I missunderstood what you are doing but you cant set any portforwards, they are already set.
If you are looking at the domain forwarding and the TCP part there its still only proxy for port 80 and 443 only, I think it says somewhere as well.
Protocol TCP and destination port 80 does not work.
When looking at the domain forwarding and click "!", I get the following information:
I would then expect to be able to configure one of "my" 20 ports using the tcp option under protocol to any of the following ports and get it working:
"80,443,2083,2087,2222,1000-4000,6500-9999"
I have now tried 3 os images and non of them have /proc/sys/net/bridge/bridge-nf-call-iptables enabled.
Unless it's like no NAT I've ever had you don't pick your ports - they're assigned to you. Check the email you got when you bought the VPS. It'll say something like "take the last octet of your IP address and it's the next twenty ports". Nothing you do inside the VPS will make any difference.
Take a look at:
https://my.webhorizon.in/plugin/support_manager/knowledgebase/view/3/nat-ipv4-ports-calculator-ovz-lxc/
I did check the ports calculator before setting up the forwarding. I know which ports I can use (assigned to me).
It seems that something must be manually configured by Webhorizon so that /proc/sys/net/bridge/bridge-nf-call-iptables ends up as 1 instead of 0. I tried to fix it myself in /etc/sysctl.conf, but it broke the vps.
Why didn't you just put your web server on one of your ports?
I want to use it without a domain.
Also, I want a second one, and a third (without a proxy).
use any of the ports mentioned here: https://my.webhorizon.in/plugin/support_manager/knowledgebase/view/3/nat-ipv4-ports-calculator-ovz-lxc/
They can be used directly on the vps. Additional Domain Forwarding is not required.
TCP/udp is forwarded by default
Webhosting - NVMe SSD, Cloudlinux, Litespeed, SSH Access
KVM VPS Singapore | 256MB NAT VPS - LA, NY, CH, NL, IN, SG, JP starts $7 per year!
Thank you.
I am using the suggested ports from the calculator. It's not working.
It is suggested in second post that the following must be enabled:
of which I can confirm that /proc/sys/net/bridge/bridge-nf-call-iptables is not enabled.
If this is the problem, why is it not enabled ny default?
I tried to enable it in the vps, but it did not work. Is there a need for a knowledge article on how to correctly enable it or even better it could be enabled by default?
if you use docker and iptables is enabled then the bridge-nf-call-iptables is needed.
It's not enabled on any of my machines and my ports work fine.
Edit: Never mind. Didn't read correct.
Which os-images are you using?
Debian 10 iirc
I don't understand how it can be working for you and not me. Are you using "Protocol TCP" in domain forwarding (and not HTTP or HTTPS)?
Here is my config. I can't see anything wrong.
https://upld.im/image/forwarding.UUZUVR
You don't do anything - they just work.
For ex, port 15013 is assigned to me. I put my nebula instance on port 15013 and it works. Honest, that's all I did.
Thank you.
In other words:
A knowledge article about this is needed.
I kinda did say that. ;-)
I probably didn't read that correct.
Yeah, is my bad that my statement was equally correct for how both of us perceived the problem. You has it worked out now?
Yes, it's working.
I'm still not sure though why there is a interface where it's possible to configure "tcp-protocol" from source port on the "public ip" to any of the "allowed destination" ports on the "destination ip" (vps ip). If working it would help keeping things neat and tidy with identical (local) ports on more/all servers.
https://my.webhorizon.in/plugin/support_manager/knowledgebase/view/3/nat-ipv4-ports-calculator-ovz-lxc/
This port forwarding option in Virtualizor is only used in KVM NAT service, which has been discontinued.
Maybe @Abdullah forgot to disable it?
It seems I need more help.
I have enabled tun/tap in the control panel but when running Nyr's install script I get the following error:
Any hints on how to resolve this problem?
which node you are installing the wiregaurd?
NY (is this the correct answer?).
There's an option in Virtualizor to enable the TUN device:
Don't forget to restart your VPS from the Virtualizor panel afterwards.
Need a free NAT LXC? -> https://microlxc.net/