Windows 10 - NAT - Port forwarding & IP masquerade
Solution 1
Windows netsh
can setup a proxy to allow administrators to proxy ipv6 traffic over ipv4. Netsh also has an option to configure a proxy for ipv4 to ipv4.
For your setup use netsh interface portproxy add v4tov4 listenport=80 connectaddress=127.0.0.1 connectport=8080
replacing the 127.0.0.1
with the address you wish to proxy to.
here's a little breakdown on the command.
netsh interface portproxy
selects interface that handles the tunnels.
add v4tov4
to create a ipv4 to ipv4 tunnel.
listenport=80
for the port you want the clients to connect.
connectaddress=127.0.0.1
is the remote address that the clients will be proxied to.
connectport=8080
is the remote port.
you can also use listenaddress=
if you only want the proxy to be available on one interface.
For more info https://technet.microsoft.com/en-us/library/cc731068(v=ws.10).aspx
Solution 2
At least for test purposes I was able to use the following utility to forward both TCP and UDP
https://sourceforge.net/projects/pjs-passport/
It's for XP, but it works on Win10 also.
Related videos on Youtube
Orestis P.
Updated on September 18, 2022Comments
-
Orestis P. over 1 year
I'm looking for a way to get iptables functionality in windows 10. I enabled IP routing and I need to forward tcp data to another host (port 8080) and then forward his response while masquerading IP. In linux I was able to do this using the following (Where $1 = < internal IP >, $2 = 80, $3 = 8080, $4 = tcp)
iptables -t nat -A PREROUTING -p $4 --match multiport --dports $2 -j DNAT --to-destination $1:$3 iptables -A FORWARD -p $4 --match multiport --dports $2 -d $1 -j ACCEPT iptables -t nat -A POSTROUTING -j MASQUERADE
Is there a way to achieve similar functionality in Windows 10?
-
rda almost 8 yearsProbably too short for an answer and I don't know if this is still valid for windows 10. For port forwarding check out this answer. Masquerading in windows is called Internet Connection Sharing (ICS), check out this answer.
-
Orestis P. almost 8 yearsHello, thanks for your input. I tried using netsh but it doesn't seem to work (maybe because I need listenaddress to be wildcard *). For ICS I'm not exactly sure how it will works (Will I need a second adapter? If I bridge them I can't use ICS)
-
TJJ almost 8 yearsMaybe you could use netcat on your PC. It will listen on one port and send to another port. IP will be the IP of your machine in the middle.
-
Zalmy almost 8 years@OrestisP. check out
netsh interface portproxy add v4tov4 listenport=80 connectaddress=127.0.0.1 connectport=8080
I'll try to translate your iptables to netsh if I have time. replace the 127.0.0.1 with the address of your choice
-
-
user276648 over 7 yearsNOTE that this unfortunately only works for TCP so if you wanted to forward some UDP traffic, you're out of luck.
-
Frank M over 6 yearsWorks for me using Windows 10 to port-forward ssh (server port 22) on a machine running a VPN. A machine (without VPN connection) on my home network is able to connect to another machine inside the VPN using the listenport.
-
Peter Turner over 6 yearsWindows 10 tells me:
Cannot start service from the command line or a debugger. A Windows Service must first be installed (using installutil.exe) and then started with the ServerExplorer, Windows Services Administrative tool or the NET START command.
-
user276648 over 6 years@PeterTurner: check the
readme
file. I seePassPort.exe -Install
to install the service.