So…in a short sentence…the title. I have a server in a remote location which also happens to be under CGNAT. I only get to visit this location once a year at best, so if anything goes off…It stays off for the rest of that year until I can go and troubleshoot. I have a main location/home where everything works, I get a fixed IP and I can connect multiple services as desired. I’d like to make this so I could publish internal servers such as HA or similar on this remote location, and reach them in a way easy enough that I could install the apps to non-tech users and they could just use them through a normal URL. Is this possible? I already have a PiVPN running wireguard on the main location, and I just tested an LXC container from remote location, it connects via wireguard to the main location just fine, can ping/ssh machines correctly. But I can’t reach this VPN-connected machine from the main location. Alternatively, I’m happy to listen to alternative solutions/ideas on how to connect this remote location to the main one somehow.

Thanks!

    • @[email protected]
      link
      fedilink
      English
      37 months ago

      OpenSSH also has a built-in tunnel that is more general (-w Parameter) than just port forwarding.

      • @[email protected]
        link
        fedilink
        English
        37 months ago

        Yes, but autossh will automatically try to reestablish connection when its down, which is perfect for servers behind cgnat that you can’t physically access. Basically setup and forget kind of app.

        • @[email protected]
          link
          fedilink
          English
          27 months ago

          You can use any ssh command option (including -w) with autossh.

          -w creates tap devices on the server and client, and connects them together. Both sides get a private IP address.

        • @[email protected]
          link
          fedilink
          English
          17 months ago

          “How I get a reliable ssh connection” and “What I do with the SSH connection once I have one” are two entirely different things, autossh does the first, my comment was about the second.