Suppose I have two systems, A and B.
System A is a local server (port 80) with IP address 172.x.x.x and interface enp0s3. It also has an OpenVPN server installed, with IP address 10.8.0.1 on interface tun0.
System B is also a local server (port 80), but it is connected to a router (which is in turn connected to the LAN where System A is) and has IP 192.x.x.x on interface enp0s3. System B is the OpenVPN client, with IP address 10.8.0.6 on interface tun0.
So, I have a working OpenVPN server/client configuration, as I can reach both the server and the client by their VPN IP addresses.
System A and B are reachable only through the VPN, not otherwise. System B can reach System A over UDP port 443.
System A is receiving traffic on its local server. What I want to do is forward traffic from some particular IPs from System A to System B through the VPN tunnel, i.e., when an IP 172.20.x.x tries to access System A at 172.x.x.x, I want to forward 172.20.x.x to System B at 10.8.0.6.
I tried it using iptables on System A:
# Redirect HTTP arriving on the LAN interface to System B's VPN address
iptables -t nat -A PREROUTING -i enp0s3 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.6
# Rewrite the source to System A's tun0 address so System B replies back through the tunnel
iptables -t nat -A POSTROUTING -p tcp -d 10.8.0.6 --dport 80 -j SNAT --to-source 10.8.0.1
It does not seem to work, as I cannot reach the content at 10.8.0.6 when I access 172.x.x.x on System A from 172.20.x.x.
I am new to iptables. Can anyone help me with where I am going wrong / what iptables rules to actually use for this problem?
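A complete rule set for the redirect described in the question, written as an added example and not the asker's own configuration. Two things the posted rules do not cover are that the kernel must have IP forwarding enabled and that the FORWARD chain must accept the redirected flow in both directions; the DNAT in PREROUTING and the SNAT to System A's tun0 address are otherwise the right idea, and the SNAT is what lets System B answer through the tunnel although it has no route to 172.20.x.x. The source range 172.20.0.0/16 and the placeholder addresses are assumptions, since the post abbreviates them; the interface names enp0s3 and tun0 and the VPN addresses 10.8.0.1 and 10.8.0.6 come from the post. The function prints the commands so they can be reviewed before being applied as root.

```bash
#!/bin/sh
# Added example: redirect HTTP from one LAN range, arriving at the OpenVPN
# server (System A), to the OpenVPN client (System B) over tun0.
# Constructed/assumed values: the 172.20.0.0/16 range and port 80 on both ends.

# redirect_rules SRC_NET LAN_IF VPN_SRC TARGET PORT
#   SRC_NET : clients to redirect (e.g. 172.20.0.0/16); everyone else still
#             reaches System A's own web server
#   LAN_IF  : interface the clients arrive on (enp0s3)
#   VPN_SRC : System A's tun0 address used as the rewritten source (10.8.0.1)
#   TARGET  : System B's VPN address (10.8.0.6)
#   PORT    : TCP port being redirected (80)
redirect_rules() {
  src_net=$1
  lan_if=$2
  vpn_src=$3
  target=$4
  port=$5
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i $lan_if -s $src_net -p tcp --dport $port -j DNAT --to-destination $target:$port
iptables -t nat -A POSTROUTING -o tun0 -d $target -p tcp --dport $port -j SNAT --to-source $vpn_src
iptables -A FORWARD -i $lan_if -o tun0 -d $target -p tcp --dport $port -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i tun0 -o $lan_if -s $target -p tcp --sport $port -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Apply the generated rules; must run as root on System A.
apply_redirect_rules() {
  redirect_rules "$@" | sh
}

# Review what would be applied:
#   sh redirect.sh            (prints the commands)
#   sudo sh -c '. ./redirect.sh; apply_redirect_rules 172.20.0.0/16 enp0s3 10.8.0.1 10.8.0.6 80'
redirect_rules 172.20.0.0/16 enp0s3 10.8.0.1 10.8.0.6 80
```

The `-s` match on the PREROUTING rule is what limits the redirect to the 172.20.x.x clients; without it every port 80 request hitting System A would be sent to System B. The SNAT rule is bound to `-o tun0` so only traffic actually leaving through the tunnel is rewritten, and the two FORWARD rules matter whenever the FORWARD chain's default policy is DROP (common on hosts that are not routers). If System B should instead see the real client addresses, the SNAT rule can be dropped, but then System B needs a route for 172.20.0.0/16 via 10.8.0.1 (for example an OpenVPN `route` directive pushed to the client).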