Due to our restricted internet in Iran, I need to establish an internet connection through an OpenVPN server (which is located in Iran) and then route all network packets from the VPN clients to another server (which is located on a free and open internet).
I am a software developer and don't have any deep knowledge of networking. I just know some basics. So, it would be great if you could enlighten me on this problem.
I set up some iptables rules in order to route the packets using NAT. But it won't send any packets to the outside server.
The following are my iptables rules:
    Chain PREROUTING (policy ACCEPT)
    target      prot opt source        destination
    ACCEPT      udp  --  anywhere      <iran-vps-hostname>  udp dpt:<open-vpn-port>
    ACCEPT      tcp  --  anywhere      anywhere             tcp dpt:ssh
    DNAT        tcp  --  anywhere      <iran-vps-hostname>  tcp to:<free-vps-ip>
    DNAT        udp  --  anywhere      <iran-vps-hostname>  udp to:<free-vps-ip>

    Chain INPUT (policy ACCEPT)
    target      prot opt source        destination

    Chain OUTPUT (policy ACCEPT)
    target      prot opt source        destination

    Chain POSTROUTING (policy ACCEPT)
    target      prot opt source        destination
    MASQUERADE  all  --  10.8.0.0/24   anywhere
    SNAT        tcp  --  anywhere      <free-vps-ip>        tcp dpt:http to:<iran-vps-ip>
    SNAT        tcp  --  anywhere      <free-vps-ip>        tcp to:<iran-vps-ip>
    SNAT        udp  --  anywhere      <free-vps-ip>        udp to:<iran-vps-ip>
As is obvious, I established an OpenVPN server on my Iran machine and got iptables to accept the OpenVPN port in order to accept OpenVPN clients' connections.
The MASQUERADE rule is also for the OpenVPN configuration. The other rules, which are PREROUTING and POSTROUTING, have been added by myself.
The flow I want to create is as follows:
(my computer(as a vpn client)) <==connects-to==> [IRAN VPS] <==routes-all-network==> [OPEN WORLD VPS]
How can I achieve this flow?
NOTE: I also established an OpenVPN server on the open world VPS, but I cannot connect to it through UDP, and with TCP, it faces a TLS handshaking failure.