[BUG] - Cannot connect to port in another network

[mazx4960]

Version of protonvpn-docker

NA

Credential & Plan

• [X] I have verified that my VPN credentials are valid
• [X] I am using OpenVPN credentials and not my proton account credentials.
• [X] I have verified that the servers I am trying to connect to are available under my plan.

System Architecture

NA

Running on a NAS?

No

Container Runtime

Docker with defaults

Version of Kubernetes

NA

Version of docker/podman runtime

NA

Troubleshooting

• [X] I have tried steps mentioned in TROUBLESHOOTING
• [X] I am using latest version of the docker image

Relevant log output

No response

Any additional info

Accessing the port through on the host machine yields no error. However, when trying to connect from another machine results in a connection timeout. The machine used to connect to the port is in a different subnet from the from the host machine.

Code of Conduct & PII Redaction

• [X] I agree to follow this project's Code of Conduct
• [X] I have removed any sensitive personally identifying information(PII) and secrets from in this issue report.

[jlxip]

Can confirm. The issue is not accesing from another machine per se, but the interface the VPN container opens the ports to. From the host, connecting with netcat to lo (127.0.0.1) works fine, but any other (such as 192.168.0.2) will not work. This is weird, since netstat confirms it's listening on 0.0.0.0, so the VPN container must be dropping the packets.

[jlxip]

Got a workaround. I've tried to do a version of this inside of the vpn container, but no luck. Assuming vpn is on the subnet 172.17.0.0/24, that host is .1, and that the port you want to access is 9091 (transmission), run on the host:

sudo iptables -t nat -A POSTROUTING ! -s 172.17.0.0/24 -p tcp --dport 9091 -j SNAT --to 172.17.0.1