Managing unraid remotely when you don't manage your network

[gacpac]

Hi,

 

I think this is a hard one. I have unraid working with let's encrypt and VPN for remote access and I can access my router remotely with a backdoor.

 

But how can you work with this when you don't have control over your ISP router?

 

Quick example like opening a port for Plex or OpenVPN

 

[Marshalleq]

At a guess, most routers which are locked down like that also have upnp enabled, which will automatically open any required ports.  If Unraid supports that (or you can force it to), then you'd be in business.  It's very convenient, though in my view a bit of a security risk, nevertheless you could try that route (no pun intended).

[gacpac]

The upnp I know. It's good for home network, kind of security mess in enterprise.

But this the situation with my friend. He shares an internet connection and doesn't have access to the main router. All he has is a small router to segment his part of the network.

Sent from my Pixel 2 XL using Tapatalk

[1812]

Ubuntu vm with team viewer on the server. Remote in on teamviewer, then use Ubuntu web browser to access server.

[gacpac]

Ubuntu vm with team viewer on the server. Remote in on teamviewer, then use Ubuntu web browser to access server.

I think that's a good one. Also, he just told me he got access to the main router, but doesn't want to touch settings (it's not his).

Will the DMZ host work?

Sent from my Pixel 2 XL using Tapatalk

[bastl]

Please don't put a Unraid server into a DMZ or any server in your network, unless you really know what you're doin.

[gacpac]

9 minutes ago, bastl said:

Please don't put a Unraid server into a DMZ or any server in your network, unless you really know what you're doin.

It's not unraid. Of course not. It's the router behind the ISP. This is the setup

 

Cloud ---- ISP router ----(network 1)----> PFsense Router  ---(network 2) ---> Unraid

 

I've been reading a lot about what's the best solution. What's kind of complicated is that bought networks need to be working, but because of the double nat, opening ports is a mess. 

[bastl]

If you have no access to the ISP router a way you can work around this is to setup a server somewhere in the cloud or somwhere where you have full access to it and have a VPN setup to the pfsense box. From this server you can tunnel the ports you wanna access to pfsense and port forward them to unraid.

[gacpac]

3 hours ago, bastl said:

If you have no access to the ISP router a way you can work around this is to setup a server somewhere in the cloud or somwhere where you have full access to it and have a VPN setup to the pfsense box. From this server you can tunnel the ports you wanna access to pfsense and port forward them to unraid.

That sounds cool. I don't know how hard would it be.

 

BTW. The DMZ somewhat works, but I had to add a custom DNS entry to the WAN (Private IP) to make nextcloud work internally. There's a learning curve process in there.