Netgate Discussion Forum

    Best Option To Bypass CGNAT

    General pfSense Questions
    18 Posts 5 Posters 18.6k Views
    • panzerscope @JKnott

      @JKnott said in Best Option To Bypass CGNAT:

      @panzerscope said in Best Option To Bypass CGNAT:

      What do you guys think ?

      Does that ISP offer IPv6? Many that use CGNAT do.

      I can confirm that Lightspeed is IPv6 enabled. As that is the case, does that mean that in essence I can shift pfSense to use IPv6 from the ISP to avoid the CGNAT plaguing IPv4?

      If that is the case, what would I need to change on the pfSense config?

      Many thanks in advance.

      • stephenw10, Netgate Administrator

        You can certainly enable IPv6. It would not replace IPv4, but you could then use it to reach your firewall externally, as long as you're coming from some other IPv6-enabled location.

        It depends what you're trying to avoid in CGNAT.

        • panzerscope @stephenw10

          @stephenw10 said in Best Option To Bypass CGNAT:

          You can certainly enable IPv6. It would not replace IPv4, but you could then use it to reach your firewall externally, as long as you're coming from some other IPv6-enabled location.

          It depends what you're trying to avoid in CGNAT.

          Thanks for the info. Currently I am wanting to access my TrueNAS server externally. I have a reverse DNS setup so I can access some of my apps located on the server. This includes things like Plex. I do play multiplayer games, but those are at the bottom of the totem pole so far as getting port forwarding working well.

          • stephenw10, Netgate Administrator

            If you are doing that I would want to do so over a VPN anyway. So setting up an external VPN server to connect via starts to make a lot of sense. IMO.

            • panzerscope @stephenw10

              @stephenw10 said in Best Option To Bypass CGNAT:

              If you are doing that I would want to do so over a VPN anyway. So setting up an external VPN server to connect via starts to make a lot of sense. IMO.

              When we talk VPN, I did investigate Tailscale, but that is for accessing my devices remotely via a Tailscale account. I do not think that will help me, as I am needing to access my apps via domain names and not specifically via the device they reside on. Again, the same goes for Plex, as others outside my network (including myself) cannot access the Plex server as port forwarding is currently non-functional.

              So, I am thinking that setting up an actual VPN tunnel through NordVPN makes more sense; not only that, but I also will have a dedicated IP on IPv4 as an added bonus. If I can then set in pfSense that certain devices use the NordVPN tunnel, such as my TrueNAS server so I can access my apps via domains and by extension Plex as well as it should be able to port forward correctly.

              Or am I mad?

              • stephenw10, Netgate Administrator

                Do NordVPN offer fixed IPs? Not something I have used.

                But what I would do is install pfSense in some cloud hosting service. The Netgate image in AWS or Azure for example. That will then have a fixed IPv4 address.
                Then configure on that a site-to-site tunnel with your home pfSense box and a remote access VPN server for anything remote to connect to.

                Then when you are in some remote location you connect to the VPN server in the cloud and from there will have access to your home pfSense install along with whatever access you have allowed to LAN side resources.

                You could also just port forward from the cloud install across the tunnel directly, but I would always advise using the RA VPN.

                • JKnott @panzerscope

                  @panzerscope said in Best Option To Bypass CGNAT:

                  does that mean that in essence I can shift pfSense to use IPv6 from the ISP to avoid the CGNAT plaguing IPv4?

                  You will wind up with both. The IPv6 addresses will be public and no NAT either from the ISP or pfSense.

                    • panzerscope

                      As a small update, I decided to go with PureVPN. This company offers VPN with dedicated IP and allows port forwarding on said IP. It is my hope that I can route my Plex server over the VPN with port forwarding, working around the CGNAT. Fingers crossed. If it works out, either way I will pop an update here so that others are in the know.

                      • cgnatsucks13 @panzerscope

                        @panzerscope Does PureVPN work? Can you host jobs in GTA now?

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.