Hi,
I have a headless Pi2 at my mother's house, largely so I can wake my mother's PC on demand. It connects to my LAN with a roadwarrior type of OpenVPN connection.
Normally I connect to my mother's PC using VNC over the PC's always on OpenVPN connection. I now need to maintain the OpenVPN on the PC which means I need an alternative way of connecting to it. I was thinking of using VNC to the Pi, and forwarding TCP port 5900 to the PC but I can't get it to work. I have done:
The Pi is on 192.168.0.10 on its LAN and 172.17.3.132 in OpenVPN and the PC on 192.168.0.12.
When I do this and telnet to 172.17.3.132:5900, I see the packets arriving at the Pi, but nothing leaving it to its LAN. At this point iptables looks like:I am sure I've had thins working before so I must be missing something basic. Can anyone please help me?
I have a headless Pi2 at my mother's house, largely so I can wake my mother's PC on demand. It connects to my LAN with a roadwarrior type of OpenVPN connection.
Normally I connect to my mother's PC using VNC over the PC's always on OpenVPN connection. I now need to maintain the OpenVPN on the PC which means I need an alternative way of connecting to it. I was thinking of using VNC to the Pi, and forwarding TCP port 5900 to the PC but I can't get it to work. I have done:
Code:
sysctl net.ipv4.ip_forward=1iptables -I PREROUTING -t nat -i tun+ -p tcp --dport 5900:5909 -j DNAT --to 192.168.0.12iptables -I PREROUTING -t nat -i tun+ -p udp --dport 5900:5909 -j DNAT --to 192.168.0.12iptables -I POSTROUTING -t nat -p tcp --dport 5900:5909 -j MASQUERADEiptables -I POSTROUTING -t nat -p udp --dport 5900:5909 -j MASQUERADEWhen I do this and telnet to 172.17.3.132:5900, I see the packets arriving at the Pi, but nothing leaving it to its LAN. At this point iptables looks like:
Code:
root@raspberrypi:~# iptables -nvLChain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination root@raspberrypi:~# iptables -nvL -t natChain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DNAT udp -- tun+ * 0.0.0.0/0 0.0.0.0/0 udp dpts:5900:5909 to:192.168.0.12 1 52 DNAT tcp -- tun+ * 0.0.0.0/0 0.0.0.0/0 tcp dpts:5900:5909 to:192.168.0.12Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 MASQUERADE udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:5900:5909 1 52 MASQUERADE tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:5900:5909Statistics: Posted by NicholasH — Sat Jul 12, 2025 4:06 pm