I have finished configuring the OpenVPN server and I can connect the VPN server to the client. In addition, I modified the iptables rule to access the private network (Docker, MySQL and Kafka).
From the VPN client, I can access the MySQL and Kafka servers, but I cannot access the Docker server. I have listed the Docker server's iptables rules below.
Please check and help me connect to the Docker server.
MySQL server rule (working from the VPN client)
root@app-db:/home/Mysqldb# sudo iptables -L --line-numbers
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
2 ACCEPT icmp -- anywhere anywhere icmp echo-request
3 ACCEPT tcp -- 192.168.30.0/24 anywhere
4 ACCEPT tcp -- anywhere anywhere tcp dpt:27017
5 ACCEPT tcp -- app-server anywhere tcp dpt:27017 state NEW,ESTABLISHED
6 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW,ESTABLISHED
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- anywhere app-server tcp spt:27017 state ESTABLISHED
2 ACCEPT tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED
Docker server rule: (not working from the VPN client)
root@Docker-server:/home/contus# sudo iptables -L --line-numbers
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
2 ACCEPT tcp -- ec2-xxx.xxx.xxx.xxx.compute-1.amazonaws.com anywhere tcp dpt:ssh
3 ACCEPT tcp -- pool-xx.xx.x.xx.washdc..net anywhere
4 ACCEPT tcp -- xxx.xxx.xxx.0/24 anywhere tcp dpt:ssh
5 ACCEPT tcp -- xxx.xxx.xxx.xxx anywhere
6 ACCEPT tcp -- ec2-xx.xx.xx.xx.compute-1.amazonaws.com anywhere
7 ACCEPT tcp -- 192.168.30.0/24 anywhere
8 ACCEPT tcp -- 10.8.0.0/24 anywhere tcp dpt:http ctstate NEW,ESTABLISHED
9 ACCEPT icmp -- anywhere anywhere icmp echo-request
10 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW,ESTABLISHED
11 ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW,ESTABLISHED
12 ACCEPT tcp -- anywhere anywhere tcp dpt:http
Chain FORWARD (policy ACCEPT)
num target prot opt source destination
1 DOCKER-USER all -- anywhere anywhere
2 DOCKER-INGRESS all -- anywhere anywhere
3 DOCKER-ISOLATION all -- anywhere anywhere
4 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
5 DOCKER all -- anywhere anywhere
6 ACCEPT all -- anywhere anywhere
7 ACCEPT all -- anywhere anywhere
8 ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
9 DOCKER all -- anywhere anywhere
10 ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere tcp spt:http ctstate ESTABLISHED
2 ACCEPT icmp -- anywhere anywhere icmp echo-reply
3 ACCEPT tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED
4 ACCEPT tcp -- anywhere anywhere tcp spt:ssh state ESTABLISHED
Chain DOCKER (2 references)
num target prot opt source destination
Chain DOCKER-INGRESS (1 references)
num target prot opt source destination
1 ACCEPT tcp -- anywhere anywhere tcp dpt:4000
2 ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp spt:4000
3 ACCEPT tcp -- anywhere anywhere tcp dpt:3000
4 ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp spt:3000
5 ACCEPT tcp -- anywhere anywhere tcp dpt:5000
6 ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp spt:5000
7 RETURN all -- anywhere anywhere
Chain DOCKER-ISOLATION (1 references)
num target prot opt source destination
1 DROP all -- anywhere anywhere
2 DROP all -- anywhere anywhere
3 RETURN all -- anywhere anywhere
Chain DOCKER-USER (1 references)
num target prot opt source destination
1 RETURN all -- anywhere anywhere