xB4CKD00R
xB4CKD00R5mo ago

solution for cgnat

i need a solution to port forward from home server running win11 over network while connected to a cgnat network
60 Replies
xB4CKD00R
xB4CKD00R5mo ago
only need to port forward tcp/udp
DirtyJ
DirtyJ5mo ago
If you're behind a nat that you can't control, then port forwarding directly to a public IP may not be an option. However, if your ISP provides you with a public IP (instead of them distributing one IPv4 address to several homes), then it would be a lot easier. In those cases, something like tunneling (e.g. with Cloudflare tunnels) or using a VPN that allows for port forwarding would be an easier option. All depends on what you have control over with the network devices you own
xB4CKD00R
xB4CKD00R5mo ago
i have no public ip thats the issue detected ip in router is different from the one assigned to me
DirtyJ
DirtyJ5mo ago
Then unless you can get the ISP to forward a port that you've already forwarded through the routers in your control, you won't have direct access to forward the port all the way out
xB4CKD00R
xB4CKD00R5mo ago
look at this its insane
xB4CKD00R
xB4CKD00R5mo ago
No description
xB4CKD00R
xB4CKD00R5mo ago
its actually 3 hops from the first router to network cause 192.168.192.1 is my antenna
DirtyJ
DirtyJ5mo ago
None of those are public IPs
xB4CKD00R
xB4CKD00R5mo ago
i know im showing u how the nat is working theres no way to port forward through all this
DirtyJ
DirtyJ5mo ago
Not unless you have control of each device along the private hops
xB4CKD00R
xB4CKD00R5mo ago
i dont for the 3 censored ones its isp
DirtyJ
DirtyJ5mo ago
Then they would need to forward the port for you, which given the scenarios that a cgnat is used in, I find that unlikely to happen
xB4CKD00R
xB4CKD00R5mo ago
exactly so whats the solution
DirtyJ
DirtyJ5mo ago
Tunnel or VPN
xB4CKD00R
xB4CKD00R5mo ago
for free whats available and how many ports? i mean i dont know any of these and wanna spend well if i have to pay lol
DirtyJ
DirtyJ5mo ago
Cloudflare is free if you own a domain (standard domains ain't that expensive in the grand scheme of things)
xB4CKD00R
xB4CKD00R5mo ago
i mean is that the best way to host for example steam servers from home server? i ll usually use from 5 to 6 ports tcp/udp
DirtyJ
DirtyJ5mo ago
Here's some services that can do what you're looking for with varying price tags: https://www.zerotier.com/ https://ngrok.com/ https://portmap.io/ https://playit.gg/ I've only ever used the first two
ZeroTier | Global Area Networking
ZeroTier enables secure, modern overlay networking for the Internet of Things, Industrial IoT, RMM, Remote Access, Embedded Networking, SD-WAN, VPN, and more.
ngrok | Unified Application Delivery Platform for Developers
ngrok is a secure unified ingress platform that combines your global server load balancing, reverse proxy, firewall, API gateway and Kubernetes Ingress Controller to deliver applications and APIs.
Portmap.io
Portmap.io - free port forwarding solution
Expose your local PC to Internet from behind firewall and without real IP address
xB4CKD00R
xB4CKD00R5mo ago
zerotier is basically a hamachi? lol
DirtyJ
DirtyJ5mo ago
Correct
xB4CKD00R
xB4CKD00R5mo ago
nah i dont want that lol
DirtyJ
DirtyJ5mo ago
Except not run by logmein Lmao
xB4CKD00R
xB4CKD00R5mo ago
i want something that leads to www network not a virtual lan xD
DirtyJ
DirtyJ5mo ago
The other three are more public facing
xB4CKD00R
xB4CKD00R5mo ago
ngrok and portmap?
DirtyJ
DirtyJ5mo ago
Correct
xB4CKD00R
xB4CKD00R5mo ago
which one is better ? lol
DirtyJ
DirtyJ5mo ago
I've seen a lot of folks use ngrok and recommend it, I just found the other two while Google searching
xB4CKD00R
xB4CKD00R5mo ago
i see thanks ll test and let you know
DirtyJ
DirtyJ5mo ago
Best of luck :Salute:
xB4CKD00R
xB4CKD00R5mo ago
is there a way to make the ngrok ip always the same also how to make it tcp and udp both its different ip for each tcp and udp port wont work like that lol maybe the best solution is really use a domain
w33t
w33t5mo ago
Ngrok will give you a domain and I think there is a way to do a custom domain or at least a static one. I believe there is another service that lets you being a custom domain, but I'll have to go digging for it
xB4CKD00R
xB4CKD00R5mo ago
and probably its paid :pepehehe:
w33t
w33t5mo ago
Yes, things aren't free to run and operate
w33t
w33t5mo ago
localhost.run | localhost.run
Connect web applications running on your computer to the internet instantly
xB4CKD00R
xB4CKD00R5mo ago
hmm so many choices i honestly dont know what to choose anymore
DirtyJ
DirtyJ5mo ago
Wheel of Names
Enter names, spin wheel to pick a random winner. Customize look and feel, save and share wheels.
DirtyJ
DirtyJ5mo ago
fr tho probably just look through those and find one that is the closest to your budget and give it a shot weird nats = weird solutions
xB4CKD00R
xB4CKD00R5mo ago
Just give me your opinion Cheapest and best solution to port forward ports from win11 TCP UDP What would you do
DirtyJ
DirtyJ5mo ago
I'd go down the list, try ones until one works
xB4CKD00R
xB4CKD00R5mo ago
Can't pay and just abandon it Lol
DirtyJ
DirtyJ5mo ago
some of them have free tiers or trials
xB4CKD00R
xB4CKD00R5mo ago
Should I just use cloudflare? And buy a 1$ domain
DirtyJ
DirtyJ5mo ago
Cloudflare tunnels are more for these types of applications: https://developers.cloudflare.com/cloudflare-one/applications/ Since you mentioned running game servers, a service that allows for that kind of traffic (like the four here) would be better You could use Cloudflare Spectrum for game servers, but that's money This one has a free tier you could experiment with that sounds exactly like what you described https://playit.gg/
xB4CKD00R
xB4CKD00R5mo ago
This looks nice Ll test when home Is it possible to forward from my home server to a vps and use its public IP to publish stuff? "hybrid setup where you continue to host them at your location behind your CGNAT but establish a VPN tunnel from your location to a VPS or something similar where you can get a public IP address and then use that as the entry point for your users to hit your server over the VPN." Ah wtf Its basically making a VPN from the vps And connect to it through a client from your home server
DirtyJ
DirtyJ5mo ago
that is pretty much what all of those solutions are, either that or a proxy that you connect to
xB4CKD00R
xB4CKD00R4mo ago
ok can you help me take a decision? xD till today i did nothing @DirtyJ @weet hope im not disturbing by pinging ayo i got a vps running ubuntu 20.04 and i successfully made a wireguard tunnel its working great and fast speed i can't manage to expose the stuff i host from the pc at home ?
DirtyJ
DirtyJ4mo ago
Any application you want to be publicly accessible like that will need to either be forwarded (which you can't do given the network limitations), proxied, or tunneled out of there
xB4CKD00R
xB4CKD00R4mo ago
LOL u can open ports on amazon vps for free there is no router behind you just open the firewall on the vps page and im doing it but for some reason its not working
DirtyJ
DirtyJ4mo ago
Oh if you're referring to a different issue, probably time to make a new thread. We were looking at your fun natting in here
xB4CKD00R
xB4CKD00R4mo ago
im doing a small test Trying to espose the minecraft server hosted on my home server which is connected to the wireguard VPN hosted by my vps
w33t
w33t4mo ago
:PES_HuhWtf:
xB4CKD00R
xB4CKD00R4mo ago
doesn't make sense to you? i find it quite simple expose to the internet the server hosted on the client connected to the vpn
DirtyJ
DirtyJ4mo ago
so what's your question lol
xB4CKD00R
xB4CKD00R4mo ago
how do i allow the traffic coming from the vpn client to go over to the internet basically the vps has to send the traffic from the pc connected to its vpn to the open internet using the vps public ip
DirtyJ
DirtyJ4mo ago
forward the port to the client's VPN IP on the VPS
xB4CKD00R
xB4CKD00R4mo ago
i did ayyyyyyy i did it! 😄 PostUp = iptables -t nat -A PREROUTING -p tcp --dport 25565 -j DNAT --to-destination 10.155.88.2:25565 PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -t nat -D PREROUTING -p tcp --dport 25565 -j DNAT --to-destination 10.155.88.2:25565 PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE this was missing
w33t
w33t4mo ago
It makes perfect sense, I just don't get the point
xB4CKD00R
xB4CKD00R4mo ago
I was missing IP tables rules
w33t
w33t4mo ago
I... I see that lol :Facepalm: