Hi guys! IN a bit of a rush, I installed a server on a place where I knew I’d have trouble reaching, as their router is behind CGNAT. I want now to start installing some VMs etc. At the moment all I have is a VM running Windows running Teamviewer for remote access (I know, I know). I have most of my services hosted on a local home server that runs rather well and has plenty of bandwidth. Among these, there’s a PiVPN running on my home server that works rather well. Is there a way I could make that remote CGNAT server connect to my VPN and be reachable/pingable/show webpages locally?

Thanks!

  • TwinTurbo@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Yes, you can connect the device behind CGNAT to your existing VPN as a client. Then, from inside the VPN, you would use the its virtual address to connect to it. You can use a systemd service or similar to have the VPN connect at boot.

    • ibroughtashrubbery@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Oh wow, I’ll have to try this! Can then the virtual IPs be pinged in Wireguard VPNs? (I mean, PiVPN is simplifying Wireguard anyway).

      • TwinTurbo@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Yes. All devices connected to the VPN will have a private IP inside the virtual network. You can use these to communicate as though they were public IPs, except that they can’t be used from outside the VPN.

        • ibroughtashrubbery@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          That would be my problem right? In my understanding, if I get some remote device to dial into my home network through a PiVPN running in my home network, i believe the remote devices can access and ping home devices, but no home device other than the PiVPN can ping them back? Right?

          • TwinTurbo@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            You would need to set up routes on these other devices to tell them that VPN devices can be reached through the Pi. It’s possible, but I’ve never done it myself, so I don’t have any useful pointers.

  • 2xsaiko@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    Do you have IPv6? That usually isn’t behind any kind of NAT and you can just let machines through the firewall.