
I have a client who has given me access to their database over a VPN. I need my web application to also connect to the same database. My current approach is:

  1. Create a new EC2 micro instance (specifically Red Hat 4.8.3-9)
  2. Connect the micro instance to the VPN
  3. Forward all traffic on port 5432 to the IP address of the client's db server
  4. Reach out to my newly created micro instance's public IP address from my application server on port 5432 and connect to the database server.

Steps 1 and 2 are complete and done with, but I'm having trouble forwarding the port. I've tried using basic SSH forwarding:

    ssh -L 5432:0.0.0.0:5432 <destination ip>

And iptables:

    sudo iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 5432 -j DNAT --to-destination <destination ip>:5432

I opened up all TCP for port 5432 on my micro instance's security group, but when I try to connect using psql from my application server, I get the message

    sql: could not connect to server: Operation timed out
    Is the server running on host "52.40.183.26" and accepting
    TCP/IP connections on port 5432?

Two questions:

  • Is this the best approach?
  • If so, what am I doing wrong?

Thanks in advance.

colefner
  • Is packet forwarding on Red Hat really on by default? – Ryder Jun 06 '16 at 22:22
  • Ah, no it's not. You might want to look at this more like setting up a router / firewall than setting up a server: http://etutorials.org/Linux+systems/red+hat+linux+bible+fedora+enterprise+edition/Part+IV+Red+Hat+Linux+Network+and+Server+Setup/Chapter+16+Connecting+to+the+Internet/Setting+up+Red+Hat+Linux+as+a+Router/ – Ryder Jun 06 '16 at 22:33
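
Added example, not part of the original question or its comments: an offline check of the pieces a DNAT relay like the one described needs, starting from the packet-forwarding setting raised in the comments. The function name, the sample rule dumps, the address 10.8.0.5 and the interface tun0 are constructed for illustration, and the source-NAT check assumes the database host only routes replies back over the VPN when the traffic appears to come from the relay.

```shell
#!/bin/sh
# Added example. Offline audit of what a DNAT relay needs; on a real host pass
# "$(sysctl -n net.ipv4.ip_forward)" and "$(sudo iptables-save -t nat)".

# check_relay IP_FORWARD NAT_RULES PORT DEST   (hypothetical helper)
# Prints the missing pieces (ip_forward, dnat, snat) or "ok".
check_relay() {
    ip_forward=$1; rules=$2; port=$3; dest=$4
    missing=""
    # 1. The kernel must be allowed to route packets between interfaces.
    [ "$ip_forward" = "1" ] || missing="$missing ip_forward"
    # 2. Inbound packets for the port must be rewritten to the database address.
    printf '%s\n' "$rules" |
        grep -Eq -- "^-A PREROUTING .*--dport $port .*-j DNAT --to-destination $dest:$port" ||
        missing="$missing dnat"
    # 3. Assumption: replies only return via the VPN if the relay source-NATs
    #    the forwarded packets, so a POSTROUTING MASQUERADE/SNAT rule must exist.
    printf '%s\n' "$rules" |
        grep -Eq -- "^-A POSTROUTING .*-j (MASQUERADE|SNAT)" ||
        missing="$missing snat"
    if [ -z "$missing" ]; then echo ok; else echo "${missing# }"; fi
}

# Constructed sample: nat table after running only the DNAT command from the
# question. 10.8.0.5 is a made-up database address.
SAMPLE_DNAT_ONLY='*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 10.8.0.5:5432
COMMIT'

# Constructed sample: same table with source NAT on the VPN interface (tun0 assumed).
SAMPLE_COMPLETE='*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5432 -j DNAT --to-destination 10.8.0.5:5432
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT'

check_relay 0 "$SAMPLE_DNAT_ONLY" 5432 10.8.0.5
check_relay 1 "$SAMPLE_COMPLETE" 5432 10.8.0.5
```

A relay that passes these checks exposes the client's database on its public address, so the security group rule for port 5432 is best limited to the application server's source IP rather than left open.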
