I have a client that has no direct access to the internet. But it is connected to a server on a LAN connection, whereas the server has access to the Internet.
I'd like to send an HTTP request from the client through the Server to the Internet. How can I do this?
+--------+ +--------+ +--------+
| | LAN | Ubuntu | WAN | |
| Client <--------> 16.04 <--------> WWW |
| | | Server | | |
+--------+ +--------+ +--------+
Steps:
- Client sends request to Server on LAN at https://user:pass@local-server:1234
- Server forwards request to remote endpoint at https://user:pass@remote-server
Note: I only need to forward the HTTP request to a single endpoint
I have been looking at running squid or tinyproxy on the server but I'm not sure how to properly configure them or if it's the simplest approach. Is a proxy server needed here?
Best Answer
There is two solutions. First - configure NAT on server, Second - configure HTTP Proxy. So, from my point of view, for your situation best way - configure NAT, you don't need to install any additional software, just configure firewall.
To configure it on
iptablesyou should do two steps:First of all make sure the packet forwarding is enabled in the kernel
You can also make it permanent by adding below line to
/etc/sysctl.confThen you should add to
iptablesconfiguration two rules:It could be done by command:
With this you should check that there is no rule for forwarding block, it looks like this
-A FORWARD -j REJECT --reject-with icmp-host-prohibited. If it exist, it could be removed by command:As well, you could read articles for enabling forwarding in
ufwin internet. Here two[1][2] examples.