AndrewFletcher904 Posted May 2, 2022 Share Posted May 2, 2022 Hi, I have recently setup up my servers and I am trying to configure it for remote access. I followed the spaceinvader tutorial and configured my "not 443" to something else as instructed. Have have configured my SKY router to forward the port I have chosen but I am unable to say transfer on to port 443 in the setup. My services no says remote access is setup but it doesn't connect? And when I check the connection it fails. Is this a problem with my router 😔 is there a workaround for this or what are my options. Kind Regards Link to comment
david.fosters9 Posted May 2, 2022 Share Posted May 2, 2022 Perfect timing! I've been facing the same issue since I tried to do the same thing during the week. After research, I believe the Sky router (mine is a Q hub) can do port forwarding but not PAT (Port Address Translation) which is what we need to go from "NOT 443" to "443" as you put it. I'm still looking, but options I have found so far are: 1. send a command to the router which enables PAT (https://www.skyuser.co.uk/forum/technical-discussion/6940-how-enable-port-address-translation-pat.html) 2. Use a piece of third party software , like the ones at the bottom of this page. Looks scary to me.https://www.itechtics.com/port-forwarding/ 3. Buy a new router 4. Look for an Unraid community app 5. Don't bother. I'm still researching. Let me know what you find out or device to do, and I'll do likewise. Link to comment
Solution ljm42 Posted May 2, 2022 Solution Share Posted May 2, 2022 If your router does not support the ability to have one external port point to a different internal port, there isn't really anything we can do on the Unraid side to make that work. But as mentioned in the docs we do not recommend exposing the webgui on port 443 externally: https://wiki.unraid.net/My_Servers#Configuring_Remote_Access_.28optional.29 If you need remote access through this router, I'd recommend changing your local access port (see Settings -> Management Access -> HTTPS port) to something random (14793, 21093, etc) and then configuring the router to pass that port through unchanged. 2 Link to comment
david.fosters9 Posted May 2, 2022 Share Posted May 2, 2022 Thanks for that suggestion. If I were to do that, is it any less secure than using the same random external port number (14793, 21093 etc) and translating it to 443? Sounds like the same exposure risk to me. Or are there other disadvantages? Link to comment
ljm42 Posted May 2, 2022 Share Posted May 2, 2022 No difference. The idea is just to hide the port so script kiddies don't hammer it. Unraid does have brute force protection built in, but why invite them to play? 1 Link to comment
david.fosters9 Posted May 2, 2022 Share Posted May 2, 2022 Yes indeed. Thanks for that clarification. Thinking about it, does that mean I have to choose whether to use MyServers or Wireguard VPN? Does Wireguard also need translating to 443? Or could I also change the port of Wireguard to a different random port number and pass it straight through the router without translating? Link to comment
ljm42 Posted May 2, 2022 Share Posted May 2, 2022 WireGuard needs its own port forward, it defaults to 51820 but you can choose something else if you want. When setting up WireGuard you need to use the same port both internally and externally. See this for help getting it set up: Once the WireGuard tunnel is up you would access the server's webgui as though you were on the local LAN, using whatever url/port you would normally use when on the local LAN. Note that there can be issues with MDNS / DNS, for the most trouble-free usage it helps if you have a (my)unraid.net SSL certificate. 1 Link to comment
Recommended Posts