overview for kokesh

I've been put behind CGNAT last year, so I'm running Wireguard tunnel to a VPS. Can I simply add new client - a second Linux machine sitting at my network and forward certain ports to it? Do all the clients use the same key then?

41

Simple landing page listing my installed services (lemmy.world)

submitted 9 months ago by [email protected] to c/[email protected]

13 comments fedilink

I'm looking for something like Heimdall, but a little bit more lightweight, hopefully something I can just throw into my www folder. Nothing requiring Docker. Just lightweight stuff.

15

Forwarding ports to other devices via Wireguard doesn't work (lemmy.world)

submitted 10 months ago by [email protected] to c/[email protected]

10 comments fedilink

I've made wireguard tu nel out to VPS (to circumvent CGNAT). Dns server works, web server + Gitea, Jellyfin,.. works. All the stuff running on my thin Ubuntu client. What doesn't work is forwarding the RDP port to my windows machine. No firewall on the windows machine. Used to work before CGNAT got enabled by my ISP. I've tried also UDP port, but still no connection.

Here is my wg0 conf:

[Interface] PrivateKey = ..... Address = 10.1.0.2/24

PostUp = iptables -t nat -A PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.1.21:3389; iptables -t nat -A POSTROUTING -p tcp --dport 3389 -j MASQUERADE

PostDown = iptables -t nat -D PREROUTING -p tcp --dport 3389 -j DNAT --to-destination 192.168.1.21:3389; iptables -t nat -D POSTROUTING -p tcp --dport 3389 -j MASQUERADE

[Peer] PublicKey = ........ AllowedIPs = 0.0.0.0/0 Endpoint = ...oraclevpsIP....:55108 PersistentKeepalive = 25

7

Using Android Private DNS AdGuard Home via reverse tunnel (lemmy.world)

submitted 10 months ago by [email protected] to c/[email protected]

8 comments fedilink

I have had AdGuard Home for a few years now, running on my small Ubuntu server. All works fine, but my ISP turned CGNAT few weeks back. I have all my stuff running via Wireguard reverse tunnel to free Oracle VPS. Everything works, except AdGuard. I've tried to forward all necessary ports, but still my phone says Can't connect. Is there any chance to get this running? The ads in apps are killing me.

104

ISP put me behind NAT (lemmy.world)

submitted 10 months ago* (last edited 10 months ago) by [email protected] to c/[email protected]

107 comments fedilink

I'm connected via a 4G modem. Got this setup about 3 years ago. In the beginning it was enough to look for the public IP (what's my IP). The modem showed some sort of private ip in the ui. I'm running stuff at home (Homeassistant, Gitea,) and bought a domain and pointed it to my home IP via Cloudflare. After some time I've noticed my modem shows the public IP also internally. For about 2 years now it ran flawlessly, the IP changed from time to time, but not really more than once in several weeks. For about a week all stopped working and the modem shows IP 100.xxxx and outside 85.something I guess I'm behind NAT now. Normal port forwarding on the modem is useless now. Is it possible to open the ports via UPNP? I've tried via miniupnp from my Ubuntu server, but it just throws an error.

upnpc -a ifconfig enp1s0| grep "inet addr" | cut -d : -f 2 | cut -d " " -f 1 22 22 TCP

Can I use this to somehow open the ports via UPNP on my modem and bypass the blocking? I can't even OpenVPN to my modem anymore.

EDIT: i also run AdguardHome, that I use as Private DNS on my Android phone

UPDATE: everything except Adguard Home used as Private DND on my Android works! I've used this: https://github.com/mochman/Bypass_CGNAT/wiki/Oracle-Cloud-(Automatic-Installer-Script) - free Oracle VPS + automated well described script. Even HTTPS works fine!