IPSec Tunneling

[PAL-18]

I got an IPSec tunnel to mitigate DDoS attacks and the tunnel is working properly as i can view my tunneled game control panel fine. My problem is that my TF2 server cannot be queried or joined.

I have SRCDS listening on the internal ip (10.1.0.x) and it displays the public ip in the console fine but i still can't query it.

On the DDoS VPS, i have IpTables set to allow all incoming and outgoing traffic. Also, it can't be the box my game server runs on because when i set it to listen to the regular non ddos protected IP, i can query and connect to it fine.

Any idea what's happening?

[Garith]

Do you mind posting configs? Please make sure to not include the rcon.

[PAL-18]

EDIT: Nevermind, i fixed it.

It was a stupid mistake on my part. I forgot to forward
udp traffic to the public ip in iptables. In case anyone else gets this
kind of problem here are the rules you need:

In the *nat section add (on each line replace the first instance of
X.X.X.X with your public ip and the second instance with your internal ip):

-A PREROUTING -d X.X.X.X -p tcp -j DNAT --to-destination X.X.X.X
-A PREROUTING -d X.X.X.X -p udp -j DNAT --to-destination X.X.X.X


In the *filter section add (on each line replace the first instance of
X.X.X.X with internal ip):

-A FORWARD -d x.x.x.x -p tcp -j ACCEPT
-A FORWARD -d x.x.x.x -p udp -j ACCEPT

[Garith]

I'm glad you've fixed it! Make sure to edit the original title to include [Solved] so others find results faster!