DiscDuck Posted January 5, 2021 Share Posted January 5, 2021 Looking for the best way, using a fixed ip address of an external located Server, to access services on an UNRAID Server. The UNRAID Server in question is unfortunately behind a double NAT without any way forwarding ports. Quote Link to comment
itimpi Posted January 5, 2021 Share Posted January 5, 2021 Not tried it, but you might be able to set up the external server to act as a WireGuard server and then configure WireGuard in UnRAID (using the Server <-> Server option) to connect to it. If that tunnel is set to auto-start you should then have an established link between the two that you can use. be interested to get feedback on whether this works (or if others have done something similar). Quote Link to comment
DiscDuck Posted January 5, 2021 Author Share Posted January 5, 2021 @itimpi Certainly, a good idea. Also looked at https://www.zerotier.com/ (there is a docker template for UNRAID). Hope to find UNRAID Community members with tested solutions in place. With ipv6, ISPs blocking 443 and more, surely there is some demand. Quote Link to comment
DiscDuck Posted January 17, 2021 Author Share Posted January 17, 2021 For preparation, I rented an external virtual server with a public IP address. Locally I configured a VM with pfSense. pfSense is up and working, standard NAT and test clients can access the Internet. How to proceed from here? Looking for help, tutorials, documentation here. Can pfSense connect to the external Server with SSH and could I forward all ports from external to the WAN interface of pfSense? Quote Link to comment
DiscDuck Posted January 18, 2021 Author Share Posted January 18, 2021 Managed to get ports tunneled from the outside to my servers/dockers. Using SSH remote port forwarding. Now in the process of automating everything and getting reverse proxy setup again including certificates. If there is interest from others, I would be happy to write up a little howto once everything is up and running. Quote Link to comment
JonathanM Posted January 18, 2021 Share Posted January 18, 2021 26 minutes ago, UnraidDuck said: If there is interest from others, I would be happy to write up a little howto once everything is up and running. I'm sure that would be appreciated as more and more folks are stuck behind CGNAT without a solid IPV6 solution in place. Quote Link to comment
Johnny Utah Posted April 18, 2021 Share Posted April 18, 2021 On 1/18/2021 at 8:57 AM, UnraidDuck said: Managed to get ports tunneled from the outside to my servers/dockers. Using SSH remote port forwarding. Now in the process of automating everything and getting reverse proxy setup again including certificates. If there is interest from others, I would be happy to write up a little howto once everything is up and running. I would definitely be interested in how this is done! Quote Link to comment
Doublemyst Posted April 18, 2021 Share Posted April 18, 2021 Hi UnraidDuck I am also interested. The thing I know from German Unraid Forum (more precisely from User YB1898) that this is due to DS-Lite. In his setup he went even further and is using Sophos as a firewall (unfortunatelly I don't know how exactly he has set this up). But if you know how this is working, I would highly appreciate a guide, or I am willing to write it on my own, if someone would help me out set everything up (I'll just protocol everything I do until it works and if I do it fully on my own, I'll most probably do some seveire misstakes and I am afraid that my server would be exposed to the internet and I might loose data / get hacked). Cheers Quote Link to comment
DiscDuck Posted June 17, 2021 Author Share Posted June 17, 2021 Actually there are two solutions I manged to get going. One very complicated with an external vserver and costs attached. The other using a free cloudflare tunnel. Works great! There is even a video about it: There is a lively support group on the associated discord server. 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.