How to create a virtual IP (NAT) for a device on another computer?

AndrÃ_K · ‎02-05-2022

Ubuntu Linux computer has two network interfaces:

wlx1cbfce8bd2bd: inet 10.1.1.129 netmask 255.255.255.0

on this network, there is a device: 10.1.1.10 - with a UDP port 10000 that I wish to make accessible from the internet.

the second interface is....(this is connected to Fortigate)

enp4s0: inet 192.168.1.80 netmask 255.255.255.0

Fortigate LAN IP is: 192.168.1.1

I wish to enable somebody to connect to the UDP port 10000 of the 10.1.1.10 device from the internet.

I do know how to set up NAT(Virtual IP) and IP4Policy to forward traffic to 192.168.1.80 - but I do not know how to do it to 10.1.1.10

I assume I need route(s) on Fortigate, as well as on my PC (192.168.1.80) and som eiptables? to achieve that.

akristof · ‎02-06-2022

Hello,

Thank you for your question.

It is long time since I was doing something with iptables on linux. But you need something like this:

- On FortiGate create static route for 10.1.1.10 and gateway should be your PC 192.168.1.80

- On FortiGate then create VIP with port-forwarding that you need and use it firewall policy

- Now on linux you just need to add iptable entry that will forward this traffic from any source, on port 10000/UDP to the correct PC.

Adrian

akristof · ‎02-06-2022