Cloudflare tunnel (aka a reverse proxy, like ngrok) will also likely work for your mystery project, and it’s free. VPN is more secure, but as always, it's a trade-off between the security of a vpn and the convinence of a reverse proxy that's available on the open internet.
Basically, I want to move files between my NAS (behind CGNAT) and webserver and rsync isn't cutting it. I think WireGuard will be best, then I can use my existing NFS and Kerberos infrastructure.
Do you need a static IP or could you get away with using dynamic DNS like duckdns? I think wireguard allows you to use a hostname instead of IP address. The wireguard peers would have static private IPs in the VPN address space. I had a much simpler setup than you, but this is what I was doing before tailscale.
A dynamic IP would work; I just need an IP that is unique to my router and isn't shared by a dozen other households---I don't know what the term for that is.
There is a way to make it work with WireGuard using something called MASQUERADE, I'm learning.
It's not working fine for me!
I need a static address and they quoted me $200/mo for an IPv4 one.
Just torrent a bunch and I think they give you a static address so that they can potentially suenyou later.
My IP hasn't changed in years.
Does ddns or ngrok type solutions not work?
DDNS doesn't work behind CGNAT. Never heard of ngrok; google says it might work. I'm trying to do something with WireGuard.
they're using cgnat and turning off ipv6? what the hell..
INORITE!
Cloudflare tunnel (aka a reverse proxy, like ngrok) will also likely work for your mystery project, and it’s free. VPN is more secure, but as always, it's a trade-off between the security of a vpn and the convinence of a reverse proxy that's available on the open internet.
A reverse proxy like nginx?
Basically, I want to move files between my NAS (behind CGNAT) and webserver and rsync isn't cutting it. I think WireGuard will be best, then I can use my existing NFS and Kerberos infrastructure.
Do you need a static IP or could you get away with using dynamic DNS like duckdns? I think wireguard allows you to use a hostname instead of IP address. The wireguard peers would have static private IPs in the VPN address space. I had a much simpler setup than you, but this is what I was doing before tailscale.
A dynamic IP would work; I just need an IP that is unique to my router and isn't shared by a dozen other households---I don't know what the term for that is.
There is a way to make it work with WireGuard using something called MASQUERADE, I'm learning.
Mine told me I can have gigabit fiber, or static IP on 50mb/s copper, but not both, because something something piracy.
Mine told me I can have gigabit fiber, or static IP on 50mb/s copper, but not both, because something something piracy.
Mine told me I can have gigabit fiber, or static IP on 50mb/s copper, but not both, because something something piracy.
Damn that's crazy. My ISP only charges me £4/mo for static ipv4 addresses.
Does ddns or ngrok type solutions not work?