[SOLVED] Trouble Establishing Inbound Connections to qBittorrent over OpenVPN

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.


New Member
Sep 14, 2018
Hi everyone,

I'm trying to establish a private torrenting setup using qBittorrent on my local whitebox server machine using Ubuntu 22.04 called seedbox-server and a Virtual Private Server (VPS) as a VPN using Ubuntu 22.04 and OpenVPN (I used GitHub - Nyr/openvpn-install: OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora) called openvpn-server. My local machine, acting as a private tracker seedbox, has qbittorrent-nox (Release qbittorrent 4.5.3 libtorrent 2.0.9 · userdocs/qbittorrent-nox-static) installed and configured to use port 15986 for inbound connections with tun0 as the network interface. My goal is to have all torrenting traffic from my seedbox go through my VPS, mostly for privacy reasons.

I've successfully set up a VPN connection between my seedbox and VPS using OpenVPN, and all traffic seems to flow fine through the VPN tunnel for regular tasks - or at least, curl ifconfig.me returns the public IP of my OpenVPN VPS server (5x.xx.xx.xx) on my seedbox while connected to the VPN. However, I've encountered a problem where my seedbox's qBittorrent service is unable to have working inbound connections over the VPN, the port appears closed and private tracker connection tests say things like the client on 5x.xx.xx.xx:15986 appears to be not connectable due to: Connection timed out

Despite seeing traffic on port 15986 (which indicates qBittorrent should be operational) on the seedbox via sudo tcpdump -i any port 15986, I can't seem to connect to the VPN IP on that port via telnet 15986 from my OpenVPN server VPS and can't connect to the public OpenVPN server VPS IP (5x.xx.xx.xx) on port 15986. Also, traceroute -p 15986 on my seedbox returns, and vice versa with traceroute -p 15986 on my VPS/VPN server returning - ping also works in both directions too.

My current issue lies in troubleshooting why I can't connect to the qBittorrent service on my seedbox through the VPN. It's unclear whether the problem stems from qBittorrent's configuration, the way my VPN routes traffic, or potential interference from other services or network hardware.

Here is my setup:

seedbox-server (client) VPN IP:

openvpn-server (server) VPN IP:

seedbox-server.ovpn (IP redacted):
    dev tun
    proto udp
    remote 5x.xx.xx.xx 1194
    resolv-retry infinite
    remote-cert-tls server
    auth SHA512
    cipher AES-256-CBC
    ignore-unknown-option block-outside-dns
    verb 3
openvpn-server /etc/openvpn/server/server.conf (IPs redacted):
    local 5x.xx.xx.xx
    port 1194
    proto udp
    dev tun
    ca ca.crt
    cert server.crt
    key server.key
    dh dh.pem
    auth SHA512
    tls-crypt tc.key
    topology subnet
    push "redirect-gateway def1 bypass-dhcp"
    ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 2xx.xx.xx.xx"
    push "block-outside-dns"
    keepalive 10 120
    cipher AES-256-CBC
    user nobody
    group nogroup
    verb 3
    crl-verify crl.pem
openvpn-server ip route (IPs redacted):
    default via 5x.xx.xx.1 dev ens3 proto dhcp src 5x.xx.xx.xx metric 100 dev tun0 proto kernel scope link src
    5x.xx.xx.1 dev ens3 proto dhcp scope link src 5x.xx.xx.xx metric 100
    2xx.xx.xx.xx via 5x.xx.xx.1 dev ens3 proto dhcp src 5x.xx.xx.xx metric 100
seedbox-server ip route (IPs redacted):
Code: via dev tun0
    default via 192.168.x.1 dev ens6f0 proto static
    default via 192.168.x.1 dev ens6f0 proto dhcp src 192.168.x.xx metric 100 dev tun0 proto kernel scope link src
    5x.xx.xx.xx via 192.168.x.1 dev ens6f0 via dev tun0
    192.168.x.0/24 dev ens6f0 proto kernel scope link src 192.168.x.xx
    192.168.x.1 dev ens6f0 proto dhcp scope link src 192.168.x.xx metric 100
openvpn-server iptables: openvpn-server iptables

openvpn-server nat iptables: openvpn-server nat iptables

seedbox-server iptables: seedbox-server iptables

seedbox-server nat iptables: seedbox-server nat iptables

UFW is disabled on both servers. Please let me know if any more details are needed.

I would love any help or advice with this. Thank you for taking the time to read this, I really do appreciate it more than words can express.

UPDATE: I have fixed my networking issue. The issue was that I had an unnecessary iptables postrouting rule. I removed the postrouting rule, and the portforwarding is now working perfectly.
Last edited: