I have a CentOS server acting as a router. It has two Ethernet ports, eth0 and eth1. eth0 is configured with the public static IP I got from my ISP. My internal machines are connected to this CentOS router over the LAN on eth1.
For example, assume that the public static IP given by my ISP is 123.45.567.89 and it is configured on eth0. My internal machines are connected through the LAN on eth1 and are in the IP range 192.168.1.0 to 192.168.1.100.
I have a web application running on one of my internal machines, with IP 192.168.1.10, on port 8080. I can access this web app from my internal network by typing http://192.168.1.10:8080/ in a web browser. But I want to reach this application through the public static IP given by my ISP, simply by typing http://123.45.567.89/ in the web browser. How can I achieve this? With port forwarding. Follow the steps below.
Enable packet forwarding in the Linux kernel by adding the line below to /etc/sysctl.conf:
vi /etc/sysctl.conf
net.ipv4.ip_forward = 1
Then enable it by running the below command:
sysctl -p
Now create the firewall rules for port forwarding.
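# Allow replies for connections that are already tracked
iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT
# FORWARD is evaluated after the PREROUTING DNAT, so match the rewritten destination
iptables -I FORWARD 1 -p tcp -d 192.168.1.10 --dport 8080 -j ACCEPT
# Rewrite connections to port 80 on the public address to the internal web app
iptables -t nat -A PREROUTING -p tcp -d 123.45.567.89 --dport 80 -j DNAT --to-destination 192.168.1.10:8080
# Masquerade only traffic leaving via eth0, so the web app still sees real client addresses (assumes 192.168.1.10 uses this router as its gateway)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# "service iptables save" writes /etc/sysconfig/iptables itself; redirecting its output into that file can corrupt it
service iptables save
service iptables restart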
Now just open http://123.45.567.89/ in a web browser and it should open the app running on the internal machine 192.168.1.10 on port 8080.
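A check for this kind of port forward, as an added example that is not part of the original post: netfilter applies the PREROUTING DNAT before the FORWARD chain, so the filter rule has to accept the rewritten address 192.168.1.10:8080, not the public one. The function name audit_port_forward, the sample dumps and the address 203.0.113.10 are constructed for illustration; on the router, pipe real `iptables-save` output into the function instead.

```shell
#!/bin/bash
# Added example (not from the original post). Reads iptables-save output on
# stdin and reports two problems with a DNAT port forward:
#   MISSING-FORWARD ip:port  - no FORWARD ACCEPT for the post-DNAT address
#   UNSCOPED-MASQUERADE      - MASQUERADE rule without -o <interface>
# Limitation: only FORWARD rules naming the exact host and port are recognised.
audit_port_forward() {
  awk '
    /^-A PREROUTING/ && /-j DNAT/ {
      for (i = 1; i < NF; i++) if ($i == "--to-destination") dnat[$(i+1)] = 1
    }
    /^-A FORWARD/ && /-j ACCEPT/ {
      d = ""; p = ""
      for (i = 1; i < NF; i++) {
        if ($i == "-d") { d = $(i+1); sub(/\/32$/, "", d) }
        if ($i == "--dport") p = $(i+1)
      }
      if (d != "" && p != "") allowed[d ":" p] = 1
    }
    /^-A POSTROUTING/ && /-j MASQUERADE/ && !/ -o / { wide = 1 }
    END {
      for (t in dnat) if (!(t in allowed)) { print "MISSING-FORWARD " t; bad = 1 }
      if (wide) { print "UNSCOPED-MASQUERADE"; bad = 1 }
      exit (bad + 0)
    }'
}

# Constructed sample dumps; 203.0.113.10 stands in for the public address.
NAT_HEAD='*nat
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.1.10:8080'
WEAK_RULES="$NAT_HEAD
-A POSTROUTING -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT"
GOOD_RULES="$NAT_HEAD
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -d 192.168.1.10/32 -p tcp -m tcp --dport 8080 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT"

printf '%s\n' "$WEAK_RULES" | audit_port_forward || echo "WEAK_RULES: problems found"
printf '%s\n' "$GOOD_RULES" | audit_port_forward && echo "GOOD_RULES: ok"
```

The function exits non-zero when it reports anything, so it can gate a script that saves or deploys the ruleset.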