OpenVPN private network routing: Docker server not accessible

2

I have completed the OpenVPN server configuration and I am able to connect the client to the VPN server. I have also modified the iptables rules to access the private network (Docker, MySQL and Kafka).

From the VPN client, I can access the MySQL and Kafka servers, but I cannot access the Docker server. I have listed the Docker server's iptables rules below.

Please check and help me connect to the Docker server.

MySQL server rules (working from the VPN client)

 root@app-db:/home/Mysqldb# sudo iptables -L --line-numbers
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
2    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
3    ACCEPT     tcp  --  192.168.30.0/24      anywhere
4    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:27017
5    ACCEPT     tcp  --  app-server           anywhere             tcp dpt:27017 state NEW,ESTABLISHED
6    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW,ESTABLISHED

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  anywhere             app-server           tcp spt:27017 state ESTABLISHED
2    ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ssh state ESTABLISHED

Docker server rules (not working from the VPN client):

root@Docker-server:/home/contus# sudo iptables -L --line-numbers
Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
2    ACCEPT     tcp  --  ec2-xxx.xxx.xxx.xxx.compute-1.amazonaws.com  anywhere             tcp dpt:ssh
3    ACCEPT     tcp  --  pool-xx.xx.x.xx.washdc..net  anywhere
4    ACCEPT     tcp  --  xxx.xxx.xxx.0/24       anywhere             tcp dpt:ssh
5    ACCEPT     tcp  --  xxx.xxx.xxx.xxx      anywhere
6    ACCEPT     tcp  --  ec2-xx.xx.xx.xx.compute-1.amazonaws.com  anywhere
7    ACCEPT     tcp  --  192.168.30.0/24      anywhere
8    ACCEPT     tcp  --  10.8.0.0/24          anywhere             tcp dpt:http ctstate NEW,ESTABLISHED
9    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
10   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW,ESTABLISHED
11   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW,ESTABLISHED
12   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    DOCKER-USER  all  --  anywhere             anywhere
2    DOCKER-INGRESS  all  --  anywhere             anywhere
3    DOCKER-ISOLATION  all  --  anywhere             anywhere
4    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
5    DOCKER     all  --  anywhere             anywhere
6    ACCEPT     all  --  anywhere             anywhere
7    ACCEPT     all  --  anywhere             anywhere
8    ACCEPT     all  --  anywhere             anywhere             ctstate RELATED,ESTABLISHED
9    DOCKER     all  --  anywhere             anywhere
10   ACCEPT     all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  anywhere             anywhere             tcp spt:http ctstate ESTABLISHED
2    ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
3    ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ssh state ESTABLISHED
4    ACCEPT     tcp  --  anywhere             anywhere             tcp spt:ssh state ESTABLISHED

Chain DOCKER (2 references)
num  target     prot opt source               destination

Chain DOCKER-INGRESS (1 references)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:4000
2    ACCEPT     tcp  --  anywhere             anywhere             state RELATED,ESTABLISHED tcp spt:4000
3    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:3000
4    ACCEPT     tcp  --  anywhere             anywhere             state RELATED,ESTABLISHED tcp spt:3000
5    ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:5000
6    ACCEPT     tcp  --  anywhere             anywhere             state RELATED,ESTABLISHED tcp spt:5000
7    RETURN     all  --  anywhere             anywhere

Chain DOCKER-ISOLATION (1 references)
num  target     prot opt source               destination
1    DROP       all  --  anywhere             anywhere
2    DROP       all  --  anywhere             anywhere
3    RETURN     all  --  anywhere             anywhere

Chain DOCKER-USER (1 references)
num  target     prot opt source               destination
1    RETURN     all  --  anywhere             anywhere
    
by user26516 05.09.2017 / 09:16

0 answers
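One way to read the Docker server's INPUT chain listed in the question: an added example, not part of the original post, that parses `iptables -L --line-numbers` output and reports the first rule a new TCP connection would match. The listing is a constructed excerpt of rules 7 to 12 from the post, `parse_chain` and `first_match` are hypothetical helper names, and the client address 10.8.0.6 is an assumption taken from the source range of rule 8, since the post does not state the client's VPN address.

```python
import ipaddress
import re

# Constructed excerpt: rules 7-12 of the Docker server INPUT chain shown in the post.
LISTING = """\
Chain INPUT (policy DROP)
num  target     prot opt source               destination
7    ACCEPT     tcp  --  192.168.30.0/24      anywhere
8    ACCEPT     tcp  --  10.8.0.0/24          anywhere             tcp dpt:http ctstate NEW,ESTABLISHED
9    ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
10   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh state NEW,ESTABLISHED
12   ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
"""
SERVICES = {"ssh": 22, "http": 80}  # service names that -L prints instead of port numbers


def parse_chain(text):
    """Return (policy, rules) for one chain of `iptables -L --line-numbers` output."""
    policy = re.search(r"\(policy (\w+)\)", text).group(1)
    rules = []
    for line in text.splitlines():
        f = line.split(None, 6)  # num target prot opt source destination [match text]
        if len(f) < 6 or not f[0].isdigit():
            continue  # chain header or column header
        m = re.search(r"dpt:(\S+)", f[6] if len(f) > 6 else "")
        dport = int(SERVICES.get(m.group(1), m.group(1))) if m else None
        rules.append({"num": int(f[0]), "target": f[1], "prot": f[2],
                      "source": f[4], "dport": dport})
    return policy, rules


def first_match(policy, rules, src, dport, prot="tcp"):
    """Return (rule number or None, verdict) for a NEW packet from src to dport."""
    addr = ipaddress.ip_address(src)
    for r in rules:
        if r["prot"] not in ("all", prot) or r["dport"] not in (None, dport):
            continue
        if r["source"] != "anywhere":
            try:
                net = ipaddress.ip_network(r["source"], strict=False)
            except ValueError:
                continue  # reverse-resolved hostname, cannot be compared offline
            if addr not in net:
                continue
        return r["num"], r["target"]
    return None, policy  # nothing matched: the chain policy applies


POLICY, RULES = parse_chain(LISTING)
```

This models only the INPUT chain as printed: `iptables -L` without `-v` hides interface matches, and the FORWARD chain and nat table, which carry traffic to published container ports, are not evaluated. Running `iptables -S` and `iptables -t nat -S` on the host gives the complete rule text to compare against.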