I have a remote server that will receive HTTP requests and send them over a tunnel to the web servers. The web servers are behind a Sophos UTM 9 firewall.
The remote server is running Ubuntu. All it does is accept port 80 and send it over a VPN to the web server.
Right now, I have a GRE tunnel in place that is simply passing through the UTM untouched. It works. But this is not great because I have no packet filtering and no control over it. What I really want is for UTM to handle the tunnel so that I can create rules and run reports on the traffic. After 10 days of this I have zero to show for it.
My latest try was to create an L2TP VPN. I thought maybe that would provide tunneling? I sure cannot see how though. I got the L2TP over IPSec VPN logged in. I tried this for routing:
# Keep the UTM's public address reachable over the public interface (venet0).
ip route add <Sophos UTM external> via <proxy server public IP> dev venet0
# Send everything else into the L2TP tunnel and drop the old default route.
ip route add default via <L2TP VPN IP>
ip route del default via <proxy server public IP> dev venet0
# Rewrite the source of all forwarded traffic to the proxy's public address.
iptables -t nat -A POSTROUTING -j SNAT --to-source <proxy server public IP>
# Redirect inbound port 80 on the public address to the VPN-side address.
iptables -t nat -A PREROUTING -p tcp --dport 80 -d <proxy server public IP> -j DNAT --to-destination <L2TP VPN IP>
# Allow the redirected connections through the FORWARD chain.
iptables -A FORWARD -d <L2TP VPN IP> -p tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
That just forwarded the packets, so they came out at the UTM with the IP address of the proxy, not the user's IP address. I think I am close, but I could really use a clue.
I can use the command line with Sophos to build a GRE tunnel there, if that is my best option. I am having some trouble figuring out the Sophos iptables though.
What is the best way to complete this task? The remote proxy server is just basic Ubuntu and can run anything.
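The symptom described in the post (the UTM sees the proxy's address, not the client's) comes from the unrestricted SNAT rule in POSTROUTING, which rewrites the source of the DNATed port-80 traffic as it enters the tunnel. The script below is an added audit example, not the poster's configuration: it reads an iptables-save dump and reports any nat/POSTROUTING SNAT or MASQUERADE rule that also applies to packets leaving via the tunnel interface. The rule sets are constructed from the post with documentation addresses (192.0.2.10 for the proxy public IP, 10.242.2.1 for the L2TP VPN IP) and ppp0 is an assumed L2TP interface name.

```shell
#!/bin/sh
# Constructed iptables-save excerpt mirroring the rules in the post (not a real
# dump). 192.0.2.10 = proxy public IP, 10.242.2.1 = L2TP VPN IP (assumed values).
POST_RULES='*nat
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.242.2.1
-A POSTROUTING -j SNAT --to-source 192.0.2.10
COMMIT
*filter
-A FORWARD -d 10.242.2.1/32 -p tcp -m tcp --dport 80 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
COMMIT'

# Same rules with the SNAT confined to the public interface (venet0), so
# packets entering the tunnel keep the original client source address.
FIXED_RULES='*nat
-A PREROUTING -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.242.2.1
-A POSTROUTING -o venet0 -j SNAT --to-source 192.0.2.10
COMMIT'

# audit_source_rewrite TUN_IF: read iptables-save text on stdin and print each
# nat/POSTROUTING SNAT or MASQUERADE rule that also matches packets leaving via
# TUN_IF (no -o match at all, or -o TUN_IF). Exit 1 if any was found, else 0.
audit_source_rewrite() {
  awk -v tun="$1" '
    /^\*/ { table = substr($0, 2) }
    table == "nat" && /^-A POSTROUTING/ && /-j (SNAT|MASQUERADE)/ {
      if ($0 !~ /(^| )-o / || $0 ~ ("(^| )-o " tun "( |$)")) {
        print "masks client IP on " tun ": " $0
        found = 1
      }
    }
    END { exit (found ? 1 : 0) }
  '
}

check_post_rules()  { printf '%s\n' "$POST_RULES"  | audit_source_rewrite ppp0; }
check_fixed_rules() { printf '%s\n' "$FIXED_RULES" | audit_source_rewrite ppp0; }

check_post_rules  || echo "post's rules: the SNAT rewrites the client address"
check_fixed_rules && echo "restricted SNAT: client address survives into the tunnel"
```

Restricting the SNAT preserves the client address on the tunnel, but the replies from the web servers then carry the real client address as destination and must be routed back into the tunnel on the UTM side; that return-path routing is outside what this audit checks.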