So I have a VPS and Dedi server both running Debian 9.9.
139.99.x.x: VPS
139.89.x.x: DEDI
The Dedi server runs a game server but can't be directly accessible; I want to route all traffic through my VPS first (obv to mask the IP of the game server).
I want to do this using a GRE tunnel. So on the dedi I did:
ip tunnel add gre1 mode gre remote 139.99.x.x local 139.89.x.x ttl 255
ip link set gre1 up
ip addr add 10.10.10.1/24 dev gre1
On the VPS:
ip tunnel add gre1 mode gre remote 139.89.x.x local 139.99.x.x ttl 255
ip link set gre1 up
ip addr add 10.10.10.2/24 dev gre1
This works; I can ping both ways. I've also enabled IP forwarding in sysctl.conf.
Now I want external traffic hitting the VPS at 139.99.x.x:27015 to go through the tunnel and hit 10.10.0.1:27015 on the DEDI.
So my attempt was this, which I got from another question here, on the VPS:
iptables -t nat -A PREROUTING -p tcp -m tcp -m multiport -d 139.99.x.x --dports 27015 -j DNAT --to-destination 10.10.10.1
iptables -t nat -A POSTROUTING -o gre1 -p tcp -m tcp -m multiport -d 10.10.10.1 --dports 27015 -j SNAT --to-source 10.10.10.2
Can anybody provide me with a working example?
Thanks!
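
An added example, not part of the original post: a POSIX shell check that reads an `iptables-save` dump from the VPS and tests three conditions the forward depends on (live ip_forward, a source rewrite out of the tunnel for the same protocol, and a FORWARD chain that accepts the packets). The function name `audit_forward`, the sample dump and the address 203.0.113.10 (standing in for the masked VPS address) are constructed for illustration.

```shell
# audit_forward DUMP TUNNEL_IF IP_FORWARD: print one INFO/PROBLEM line per finding.
audit_forward() {
    dump=$1; tun=$2; fwd=$3
    # sysctl.conf is only read at boot or by `sysctl -p`, so test the live value.
    [ "$fwd" = 1 ] || echo "PROBLEM: net.ipv4.ip_forward is $fwd at runtime"
    # Emit every DNAT rule as "proto,target-ip".
    awk '/^-A PREROUTING/ && /-j DNAT/ {
        p = "all"; d = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "-p") p = $(i+1)
            if ($i == "--to-destination") d = $(i+1)
        }
        sub(/:.*/, "", d); print p "," d
    }' "$dump" | while IFS=, read -r proto dst; do
        echo "INFO: DNAT $proto -> $dst"
        # Without source rewriting (or policy routing on the far end) replies
        # leave by the far end's default route instead of the tunnel.
        awk -v t="$tun" -v p="$proto" '/^-A POSTROUTING/ && /-j (SNAT|MASQUERADE)/ {
            o = ""; rp = "all"
            for (i = 1; i <= NF; i++) {
                if ($i == "-o") o = $(i+1)
                if ($i == "-p") rp = $(i+1)
            }
            if (o == t && (rp == "all" || rp == p)) found = 1
        } END { exit !found }' "$dump" ||
            echo "PROBLEM: no SNAT/MASQUERADE for $proto out of $tun"
    done
    # A DROP policy on FORWARD discards the DNATed packets unless a rule accepts them.
    if grep -q '^:FORWARD DROP' "$dump" &&
       ! grep -Eq "^-A FORWARD .*-o $tun .*-j ACCEPT" "$dump"; then
        echo "PROBLEM: FORWARD policy is DROP and no rule accepts traffic out of $tun"
    fi
    return 0
}

# Constructed sample: the question's two NAT rules in iptables-save form, with
# 203.0.113.10 as a placeholder VPS address and an assumed FORWARD DROP policy.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*nat
-A PREROUTING -d 203.0.113.10/32 -p tcp -m tcp -m multiport --dports 27015 -j DNAT --to-destination 10.10.10.1
-A POSTROUTING -d 10.10.10.1/32 -o gre1 -p tcp -m tcp -m multiport --dports 27015 -j SNAT --to-source 10.10.10.2
COMMIT
*filter
:FORWARD DROP [0:0]
COMMIT
EOF
audit_forward "$sample" gre1 1
```

On the VPS, the inputs come from `iptables-save > /tmp/rules` and `sysctl -n net.ipv4.ip_forward`.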