Port Forwarding from resin-vpn to eth0 for WinBox


I need to redirect public port 80 to internal 8291 to connect to Mikrotik via WinBox. How can this be done and is it possible?

I ran the following commands on the host that did not help me:

iptables -t nat -A PREROUTING -p tcp -m tcp -d --dport 80 -j DNAT --to-destination
iptables -t nat -A POSTROUTING -p tcp -m tcp -s --sport 8291 -j SNAT --to-source
iptables -A FORWARD -i eth0 -o resin-vpn -j ACCEPT
iptables -A FORWARD -i resin-vpn -o eth0 -j ACCEPT

Hey, I’m not familiar with Mikrotic or WinBox, but do they run an HTTP service? If so you can use a reverse proxy such as haproxy to forward the requests to that service. Does this help?

What do you mean by harproxy?

Could you give a little more information on what exactly you’d like to do, and what the effect should be please? It’s probably worth us making sure we’re on the same page before proceeding :slight_smile:

RPi are connected via Ethernet to the Mikrotik router. I would like to remotely log into the router via resin-vpn and public port 80

Do you log into your router using a web interface?

I enter the router through a Winbox application that uses TCP over 8291

A way you could do this I think would be to run a service on the Pi, listening on some port. When a connection comes into that port, your service proxies it through to the router at port 8291. You can then run balena tunnel using our CLI to bring the Pi’s service port to your localhost, and connect with winbox to localhost:<tunnel port>.