[Help/Future How To?] Help with port forwarding?

Discussion in 'Linux' started by CamilleBC, Feb 1, 2018.

  1. C

    CamilleBC New Member

    Hello. I am trying to setup port forwarding, using the Linux .deb VPN manager.

    I opened the port on my local machine (when using the nmap -p command on my localhost or local IP, it says the port is open). I then asked for a port forwarding on the server I connect to. I have a source port to which I connect, using amsterdam.perfect-privacy.com, and it should redirect to my local port.

    But it just times out. I used my perfect privacy login and pass, then tried again with my ssh login and password.
    I cannot find a clear guide on how to setup port forwarding, could anybody explain it to me?

    I also would like to setup port forwarding but using an openVPN configuration. The reason is that the linux client doesn't start automatically, and I don't want to wait 2 years until an update comes out that can do it. Could anyoe either point me to a tutorial or explain how one would proceed to setup port forwarding using Perfect Privacy and an openVPN CLI configuration?

    Your service is pretty cool and I like it, but it lacks a LOT of documentation and tutorials. ^^
    If you answer my questions, I will update the OP and format a HOW TO for future reference.
    Thank you very much for your support!
     
  2. PP Stephan

    PP Stephan Staff Member

    Please note that port forwardings will not work from your own network. This is being blocked to prevent IP leaks via Wrong Way. It should work from a different network if the port forwarding is set up correctly and you are connected to the correct server group. You can test this using an external port checker: https://www.yougetsignal.com/tools/open-ports/

    Note that something must actually listen on the port in order for the port tester to show the port as open.
     
  3. C

    CamilleBC New Member

    Hello and thanks for answering. I know that I cannot access from the inside of my network. I just tested from my machine that the local port was opened.

    By the way I made a mistake on my first post. It doesn't have a time out, it just flat out refuses the connection. When I try your link, it tells me the port is blocked, even though the IP seems to be OK (31.204.153.106 which should be amsterdam VPN) and the port is the one that the VPN manager gives me. The local port is the one that is opened, so I don't get what I'm doing wrong.

    Thnaks again for your time.
     
  4. PP Stephan

    PP Stephan Staff Member

    What kind of port forwarding have you configured? What source and destination port are you using? And is something on the computer actually listening on that port (e.g. netcap -l -p <PORT>)?
     
  5. C

    CamilleBC New Member

    Do you mean netcat? If so, it tells me the port is already in use (which is logical, since this is my ssh port, so it probably is used by the ssh daemon).

    What kind of port forwarding I have configured? I have set up a custom port forwarding, using your VPN manager, destination port is between 42000 and 43000, which should not be a problem, I think. The source port it gave me is 44656.
     
  6. PP Stephan

    PP Stephan Staff Member

    Okay, so you want to use it for ssh (no need for netcat then). Then you should use custom port forwarding to local port 22 (assuming your sshd is listening on the dafult port) and then use the Port Forward Tester to check the Source Port on the VPN exit IP you are using.
     
  7. C

    CamilleBC New Member

    Well that is exactly what I did, and it tells me the port is blocked :)
     
  8. PP Stephan

    PP Stephan Staff Member

    "BLOCKED" usually means the traffic is actually blocked (if the forwarding was just setup incorrectly it should say CLOSED).

    Did you check your firewall rules, do they allow incoming traffic on all adapters?

    Also check that your sshd is listening on all interfaces (not only localhost).
     
  9. C

    CamilleBC New Member

    Well the forwarding test says closed, here is the output from your site: Port 44656 is closed on 31.204.153.186. Sorry if I said blocked, I thought that meant the same thing.

    And I had setup that forwarding a couple days ago. At first I thought it would take time to propagate, but it's been at least 2 to 3 days.
     
  10. PP Stephan

    PP Stephan Staff Member

    What still confuses me, you said "destination port is between 42000 and 43000" - what did you mean by that? If this for ssh the destination port should be 22.
     
  11. C

    CamilleBC New Member

    Why should SSH port be 22? I have set up my SSH Daemon to listen on a custom port. 22 is just the one setup by default. Does perfect privacy requires me to use a local 22 port? I don't even think that is possible.

    I can try with port 22 when I come back home Monday, if you want me too :)
     
    Last edited: Feb 3, 2018
  12. PP Stephan

    PP Stephan Staff Member

    The port doesn't matter - I just wanted to make sure that you are not connecting to the wrong port. To be honest, I am not quite sure why this is not working for you. The only thing I can think of is that the traffic gets blocked on your side.
     
  13. C

    CamilleBC New Member

    Okay, I'll try everything on my side then ^^ But I'm not sure I'll be able to do anything, I'm not that proficient in networking, and I managed to get it working with airvpn, before. I switched from them because I found their speed was lacking.

    I really want to stay with perfect privacy, as it has been a very good year and I like the service you provide. Do you maybe have a link on how to setup port forwarding with perfect privacy on OpenVPN manually? I tried looking but I haven't found much.

    Cheers and thanks for the help you tried to provide!
     
  14. PP Stephan

    PP Stephan Staff Member

    We are planning to add more detailed documentation for this but we pretty much covered the basics here already. Although one thing I forgot to mention, are you testing this from a different network? Because the port forward will be blocked if you are coming from the same network (to prevent IP leaks).

    Did you check the Source port on the VPN server with an external tool, e.g. https://www.yougetsignal.com/tools/open-ports/