Forwarding Ports from VPS Server via Zerotier to local Windows client

Hi community,

i am stucked a bit on following problem:
i am using a VPS Server to have a fixed IP for remote access purposes. i have setup Zerotier there fine (ubuntu 20.04 LTS) and managed with all the faq reading so that i can connect from my smartphone to the vps server and “surf” with the IP of the VPS Server.
Now i would like to tunnel a port from this VPS Server via Zeroptier to a client in the network (a windows pc with a webbased configuration tool i would like to make accessable from external users.

UFW Tells me:
sudo ufw status
Status: active

To Action From

9993/udp ALLOW Anywhere
22 ALLOW (office ip)
22 ALLOW (thats from internal net) 9710/tcp ALLOW Anywhere (thats my VPS Server IP) i want to use Port 9710
9993/udp (v6) ALLOW Anywhere (v6)

In the /etc/ufw/before.rules i added the following

(A) Zerotier NAT

-A PREROUTING -i eth0 -d -p tcp --dport 9710 -j DNAT --to-destination

(the following is part of the “use zerotier as default route”
-A POSTROUTING -o eth0 -s -j SNAT --to-source

At the end of the before.rules there i added also for default routing the following:

(B) Zerotier forwarding

-A FORWARD -i zt+ -s -d -j ACCEPT
-A FORWARD -i ens+ -s -d -j ACCEPT

don’t delete the ‘COMMIT’ line or these rules won’t be processed


I know that iptables, ufw and routing is a magic part in linux world, but i realy would like to understand what i am doing wrong…
(from the VPS i can ping the internal .175 windows pc, i can also telnet to port 9710, so the zerotier tunnel seems to be fine…

thanks a lot for some tips and help

I think the ! -d is not necessary. Is the port on your Windows device opened (9710)? Is the default route of the Windows device the vps?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.