Have you used bind argument for bitcoind (you can add it to bitcoin.conf file) with the IP of your VPS that you are trying to connect on?
Btw, you can use Tor if you like to setup a hidden service so you can get inbound connections through your hidden service address.
This is quite easy with Bitcoin Core as the support for it is very well integrated. You can even set it up automatically with an argument for bitcoind.
Topic: Full node through VPN (Read 179 times)
Sorry for not being closely bitcoind related issue, but any help is appreciated:
1. I successfuly setup my bitcoin full node based on bitcoind 0.15.1 running on odroid hc1 with ubuntu and ssd disk connected through hc1 sata. I really like the compact setup. It has synced today in less then 2 days
2. I run it in my home network, connected to internet via cable to home router. I don't have public IP, as my ISP does not provide it, exposes one shared outside IP
3. I have unlimited data plan so I am trying to achieve that my node is reachable by other nodes so I
- setup OpenVPN server on small ubuntu VPS with public IP I have, seems to work correctly
- setup OpenVPN client on my odroid, seems to work
- setup tunneling of traffic through OpenVPN server (https://linode.com/docs/networking/vpn/tunnel-your-internet-traffic-through-an-openvpn-server/)
4. After setup, my odroid annouces IP address of VPN server (wget -qO- http://ipecho.net/plain ; echo), and keeps multiple connections to other nodes
However when I try to reach my node through Bitnodes or other port checker I get port 8333 (and actually all other common ports except 22) closed.
I am using iptables-persistent with rules advised in linode docs, where I added rules for bitcoin mainnet / testnet / lightning ports. I have ufw firewall rules (but ports does not work with ufw disabled anyway). I have net.ipv4.ip_forward=1 enabled in /etc/sysctl.d/99-sysctl.conf and openvpn server.conf setup accordingly on my VPS.
Here are mine /etc/iptables/rules.v4, once again any help appreciated
1. I successfuly setup my bitcoin full node based on bitcoind 0.15.1 running on odroid hc1 with ubuntu and ssd disk connected through hc1 sata. I really like the compact setup. It has synced today in less then 2 days
2. I run it in my home network, connected to internet via cable to home router. I don't have public IP, as my ISP does not provide it, exposes one shared outside IP
3. I have unlimited data plan so I am trying to achieve that my node is reachable by other nodes so I
- setup OpenVPN server on small ubuntu VPS with public IP I have, seems to work correctly
- setup OpenVPN client on my odroid, seems to work
- setup tunneling of traffic through OpenVPN server (https://linode.com/docs/networking/vpn/tunnel-your-internet-traffic-through-an-openvpn-server/)
4. After setup, my odroid annouces IP address of VPN server (wget -qO- http://ipecho.net/plain ; echo), and keeps multiple connections to other nodes
However when I try to reach my node through Bitnodes or other port checker I get port 8333 (and actually all other common ports except 22) closed.
I am using iptables-persistent with rules advised in linode docs, where I added rules for bitcoin mainnet / testnet / lightning ports. I have ufw firewall rules (but ports does not work with ufw disabled anyway). I have net.ipv4.ip_forward=1 enabled in /etc/sysctl.d/99-sysctl.conf and openvpn server.conf setup accordingly on my VPS.
Here are mine /etc/iptables/rules.v4, once again any help appreciated
Code:
File: /etc/iptables/rules.v4
# Generated by iptables-save v1.6.0 on Wed Feb 7 00:59:06 2018
*nat
:PREROUTING ACCEPT [3:185]
:INPUT ACCEPT [2:88]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Feb 7 00:59:06 2018
# Generated by iptables-save v1.6.0 on Wed Feb 7 00:59:06 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 8333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 18333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 9735 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 1194 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state ESTABLISHED -m udp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 443 -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_INPUT_denied: "
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -s 10.89.0.0/24 -i tun0 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "iptables_FORWARD_denied: "
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 22 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 8333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 18333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 9735 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state ESTABLISHED -m udp --sport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_OUTPUT_denied: "
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
# Generated by iptables-save v1.6.0 on Wed Feb 7 00:59:06 2018
*nat
:PREROUTING ACCEPT [3:185]
:INPUT ACCEPT [2:88]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.89.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Wed Feb 7 00:59:06 2018
# Generated by iptables-save v1.6.0 on Wed Feb 7 00:59:06 2018
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s 127.0.0.0/8 ! -i lo -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 8333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 18333 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 9735 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 1194 -j ACCEPT
-A INPUT -i eth0 -p udp -m state --state ESTABLISHED -m udp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 53 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 80 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 443 -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_INPUT_denied: "
-A INPUT -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -s 10.89.0.0/24 -i tun0 -o eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -m limit --limit 3/min -j LOG --log-prefix "iptables_FORWARD_denied: "
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 22 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 8333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 18333 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state ESTABLISHED -m tcp --sport 9735 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state ESTABLISHED -m udp --sport 1194 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m state --state NEW,ESTABLISHED -m udp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 53 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 80 -j ACCEPT
-A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -m tcp --dport 443 -j ACCEPT
-A OUTPUT -o tun0 -j ACCEPT
-A OUTPUT -m limit --limit 3/min -j LOG --log-prefix "iptables_OUTPUT_denied: "
-A OUTPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
Jump to: