Hi, I’m Alex! I like to talk about all sorts of things, like self-hosting stuff, programming shenanigans, random memes, games and probably some other stuff too!

  • 8 Posts
  • 43 Comments
Joined 3 months ago
Cake day: March 11th, 2024

  • I’ve added the firewall rule and it still says no port[s] to connect to whenever I run echo "Testing" | nc -u SERVER_IP -p 51820. I feel like you’re trying to stay on a sinking ship, so I would suggest trying another method to see if we can even get the whole “bypass CGNAT with a VPS” thing to work at all.

    Update: I’ve tried setting up SSH tunneling instead and it STILL doesn’t work. I contacted Hetzner support about this issue and I’m hoping that they can resolve the firewall issues that I’m having.


  • I’ve added some different ports for the future, but this is my ufw status:

    Status: active
    
    To                         Action      From
    --                         ------      ----
    OpenSSH                    ALLOW       Anywhere                  
    51820                      ALLOW       Anywhere                  
    2333                       ALLOW       Anywhere                  
    80                         ALLOW       Anywhere                  
    81                         ALLOW       Anywhere                  
    443                        ALLOW       Anywhere                  
    80/tcp                     ALLOW       Anywhere                  
    OpenSSH (v6)               ALLOW       Anywhere (v6)             
    51820 (v6)                 ALLOW       Anywhere (v6)             
    2333 (v6)                  ALLOW       Anywhere (v6)             
    80 (v6)                    ALLOW       Anywhere (v6)             
    81 (v6)                    ALLOW       Anywhere (v6)             
    443 (v6)                   ALLOW       Anywhere (v6)             
    80/tcp (v6)                ALLOW       Anywhere (v6)
    












  • Hi, thank you so much for trying to help me, I really appreciate it!

    VPS wg0.conf:

    [Interface]
    Address = 10.0.0.1/24
    ListenPort = 51820
    PrivateKey = REDACTED
    
    PostUp = iptables -t nat -A PREROUTING -p tcp -i eth0 '!' --dport 22 -j DNAT --to-destination 10.0.0.2; iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source SERVER_IP
    PostUp = iptables -t nat -A PREROUTING -p udp -i eth0 '!' --dport 55107 -j DNAT --to-destination 10.0.0.2;
    
    PostDown = iptables -t nat -D PREROUTING -p tcp -i eth0 '!' --dport 22 -j DNAT --to-destination 10.0.0.2; iptables -t nat -D POSTROUTING -o eth0 -j SNAT --to-source SERVER_IP
    PostDown = iptables -t nat -D PREROUTING -p udp -i eth0 '!' --dport 55107 -j DNAT --to-destination 10.0.0.2;
    
    [Peer]
    PublicKey = REDACTED
    AllowedIPs = 10.0.0.2/32
    

    Homeserver wg0.conf:

    [Interface]
    Address = 10.0.0.2/24
    PrivateKey = REDACTED
     
    [Peer]
    PublicKey = REDACTED
    AllowedIPs = 0.0.0.0/0
    PersistentKeepalive = 25
    Endpoint = SERVER_IP:51820
    

    (REDACTED would’ve been the public / private keys, SERVER_IP would’ve been the VPS IP.)


  • The biggest obstacle for me is the connection between the VPS and my homeserver. I tried this today: I pinged 10.0.0.2 (the homeserver IP via WireGuard) and got this as a result:

    PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
    From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
    ping: sendmsg: Destination address required
    From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
    ping: sendmsg: Destination address required
    ^C
    --- 10.0.0.2 ping statistics ---
    2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1019ms
    

    Not sure why though.