
I have limited knowledge of iptables, but I read answers to similar questions here and tried to implement it.

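```bash
# Masquerade (source-NAT) everything leaving via wlan0
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
# Redirect HTTP (80) and HTTPS (443) arriving on the VPN (ppp) interfaces to the proxy
sudo iptables -t nat -A PREROUTING -i ppp+ -p tcp --dport 80 -j DNAT --to-destination 192.168.1.99:8888
sudo iptables -t nat -A PREROUTING -i ppp+ -p tcp --dport 443 -j DNAT --to-destination 192.168.1.99:8888
```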

Objective:

VPN server installed on: 192.168.1.36

HTTP proxy server: 192.168.1.99:8888

```
VPN users connect to pptpd (via wlan0)
    \ | /
      |
      |
     / \
 http   everything else
https    |
   |     |
   |     |
proxy    |
server   |
         |
         |
      internet  (via wlan0)
```

The objective is to pass the HTTP/HTTPS traffic through the proxy server. I cannot configure a proxy server on a device, but I need to reroute its traffic through the proxy server. So I thought I could do it through a VPN.

What am I doing wrong?

Edit: I have already installed CA root certificate on the subject device. So I'll have no issues intercepting/monitoring the communication once I get past this iptables issue.

Mihir
  • What exactly happens? Do you see requests arriving at the proxy server? Do the counters increase in iptables? – Tero Kilkanen Jun 06 '20 at 17:58
  • `I can not configure a proxy server on a device` - You know that means you can't intercept https right? The end devices need at least a CA cert installed, or interception simply is going to give tons of errors. – Zoredache Jun 06 '20 at 20:02
  • @Zoredache I have already installed CA cert. – Mihir Jun 07 '20 at 09:05
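
One way to answer the counter question raised in the first comment, as an added example that is not part of the original thread: the function below reads a `nat` table listing and reports, per DNAT rule, whether any packets have matched it. The function names and the sample listing are constructed for illustration; the rule text mirrors the commands in the question.

```shell
#!/bin/sh
# Live use (as root on the VPN server):
#   iptables -t nat -L PREROUTING -v -n -x | dnat_rule_hits
# -v shows counters, -n skips DNS lookups, -x prints exact counts (no K/M suffix).

# Constructed sample of the listing format, used so the script runs offline.
sample_counters() {
cat <<'EOF'
Chain PREROUTING (policy ACCEPT 412 packets, 31876 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       0        0 DNAT       tcp  --  ppp+   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:192.168.1.99:8888
      17     1020 DNAT       tcp  --  ppp+   *       0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:192.168.1.99:8888
EOF
}

# Reads a listing on stdin and prints one line per DNAT rule:
#   <dport> <packets> <new destination> HIT|NO-HITS
dnat_rule_hits() {
    awk '
    $3 == "DNAT" {
        port = ""; dest = ""
        # Match options start after the nine fixed columns.
        for (i = 10; i <= NF; i++) {
            if ($i ~ /^dpt:/) port = substr($i, 5)
            if ($i ~ /^to:/)  dest = substr($i, 4)
        }
        print port, $1, dest, ($1 > 0 ? "HIT" : "NO-HITS")
    }'
}

# Demonstration on the constructed sample.
sample_counters | dnat_rule_hits
```

A rule that stays at `NO-HITS` while a VPN client is browsing means no packet has matched it at all, so the interface or port match is where to look. A rule showing `HIT` with nothing arriving at the proxy points to the path after the rewrite instead.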
