Port Forward Through Gateway to Workstation

Support
1

Hello,

I have whonix gateway and work station running on a proxmox host. I would like to be able to forward a port from the gateway to the work station so that I can VNC into the work station.

I tried the following, but it did not seem to work…

iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 5900 -j DNAT --to-destination 10.152.152.18:5900
iptables -A FORWARD -p tcp -d 10.152.152.18 --dport 5900 -j ACCEPT
iptables -A POSTROUTING -t nat -s 10.152.152.18 -o eth0 -j MASQUERADE

So my question is, what iptables commands do I need to run on the gateway and what commands do I need to run on the work station?

Thank you so much for any help you can give, I really appreciate it, Ive been banging my head against the desk for a couple of days now trying to get this done.

Jeff

2

Possible. Tested with VirtualBox and Qubes. (KVM should work in principle too but untested by me.) Working with ssh, sshfs and VNC. Virtualizer specific. But undocumented.

Which virtualizer?

Hopefully these pointers can help.

You need to open a port in Whonix-Gateway firewall.

Opening Ports in Whonix

You need to open a port in Whonix-Workstation firewall.

Opening Ports in Whonix

Do SSH into Whonix-Gateway as exercise preparing for…

File Transfer - Whonix

SSH into Whonix-Workstation

File Transfer - Whonix

SSH first as exercise. Then you get the idea, you’d just change the port numbers and can use VNC.

I would also exercise this locally first before doing this on remote.

Related:

No need.

To get from Whonix-Gateway to Whonix-Workstation I’d use:

  • SSH port forwarding,
  • socat, OR
  • systemd-socket-proxyd
1 Like
3

Proxmox is KVM.

1 Like
4

Thank you so much, SSH port forwarding worked like a charm!

1 Like