So thing is - my provider doesn’t provice static public IP. And I have some services that I need to have access to from outside of my local network - stuff like Zabbix or Grafana.
In my local network (let’s say 192.168.100.0/24) I have a Proxmox server (192.168.100.10) and on it are my services (Zabbix on 192.168.100.20).
How do you handle accessing it? I tried setting up an OpenVPN Access Server on AWS, then having my Proxmox as one client (gateway) and connect my phone as another client. This works, however I can only access Proxmox, nothing else inside my home network.
Is it possible to do with Access Server, or do I need to configure something else?
EDIT:
Found solution - since I have my domain at CF, I just used Cloudflare Tunnel.
Log into your ISP provided router and note your connected machines have public IPV6 addresses. These ARE static addresses just IPV6 vs IPV4. You can point AAAA DNS record to them from domain of choice. Of course you want that machine quite well secured to not allow hackers inside your LAN. Many people miss this possibility.
I rent a minimal VM instance from Vultr (fsdo “minimal”; I’m paying for a $10/month instance, but there are cheaper ones), which gives me a static IP.
Then I use OpenSSH to open tunnels between my homelab and the VM. SSH listens for and accepts connections on the VM and forwards traffic over the tunnel to the services on the homelab.
For example, to make the VM “serverhost” accept connections on its port 8080 and forward them to my home server’s port 80, I would run this command on my home server:
The “-v” option causes the SSH session to display additional information, like when new connections are forwarded, the remote IP making the connection, and such.
Thus, as long as the tunnel is up, anyone making connections to serverhost’s port 8080 will actually be connecting to my home server’s port 80.