-
Amazon Deals - ToS - Warp
Using VPN or Cloud VM to bypass CGNAT.
- Thread starter a.c
- Start date
- Replies 22
- Views 10,279
-
- Tags
- bypass nat port forwarding vpn
varkey
I got banned!
Is the 1k/month including the DO droplet costs? Or are you referring to getting a static IP address from Excited? (Do they offer that?)
varkey
I got banned!
Ah, that's not so bad. Plus you can use the droplet for other stuff too if required.
undercover
I got banned!
varkey
I got banned!
@achaudhary997 So I tested ZeroTier with Miniupnpd (for automatic port forwards) on DO and it works.
I wrote a script (initial attempt, crude) that can be used as the DO user data script which automatically installs ZeroTier and configures miniupnpd --
Source
You still need to manually authorise the new ZeroTier member and add the default route through the ZeroTier console.
1. Create a new DO droplet (has to be Debian/Ubuntu as the miniupnpd package was available in the package repository, was not there on CentOS) using the above user data script.
2. Authorise the new ZeroTier member from the console.
3. Add a default route pointing to this new ZeroTier IP address.
4. On the client devices, enable "Allow managed" and "Allow default"
That's it, now your internet gets routed through DO and if you launch any upnp or NAT-PMP enabled services it would auto create the required port-forwards. Just uncheck "Allow default" when you want to disable routing traffic through the DO droplet.
To test the port-forwards which got created, I used upnpc
🎉
I wrote a script (initial attempt, crude) that can be used as the DO user data script which automatically installs ZeroTier and configures miniupnpd --
Source
You still need to manually authorise the new ZeroTier member and add the default route through the ZeroTier console.
1. Create a new DO droplet (has to be Debian/Ubuntu as the miniupnpd package was available in the package repository, was not there on CentOS) using the above user data script.
2. Authorise the new ZeroTier member from the console.
3. Add a default route pointing to this new ZeroTier IP address.
4. On the client devices, enable "Allow managed" and "Allow default"
That's it, now your internet gets routed through DO and if you launch any upnp or NAT-PMP enabled services it would auto create the required port-forwards. Just uncheck "Allow default" when you want to disable routing traffic through the DO droplet.
To test the port-forwards which got created, I used upnpc
Code:
Viveks-MacBook-Air:bin varkey$ upnpc -m zt0 -l
upnpc : miniupnpc library test client, version 2.1.
(c) 2005-2018 Thomas Bernard.
Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/
for more information.
List of UPNP devices found on the network :
desc: http://172.22.248.15:35713/rootDesc.xml
st: urn:schemas-upnp-org:device:InternetGatewayDevice:1
Found valid IGD : http://172.22.248.15:35713/ctl/IPConn
Local LAN ip address : 172.22.122.186
Connection Type : IP_Routed
Status : Connected, uptime=1143s, LastConnectionError : ERROR_NONE
Time started : Mon Apr 22 00:06:06 2019
MaxBitRateDown : 10000000 bps (10.0 Mbps) MaxBitRateUp 1000000 bps (1.0 Mbps)
ExternalIPAddress = 68.183.86.250
i protocol exPort->inAddr:inPort description remoteHost leaseTime
0 TCP 57108->172.22.122.186:57108 'NAT-PMP 57108 tcp' '' 2556
1 UDP 57108->172.22.122.186:57108 'qBittorrent/4.1.5 at 172.22.122.186:57108' '' 603756
GetGenericPortMappingEntry() returned 713 (SpecifiedArrayIndexInvalid)
Viveks-MacBook-Air:bin varkey$🎉
Finally, a usable bypass for dual nat with pmp 🙂.
Thanks for going through the pain of setting it up. Now I can actually pay for do without worries (after my free credits expire).
I will extend/work upon the script you have given and will update it (if required or if I find something more interesting to add) and post here.
Thanks for going through the pain of setting it up. Now I can actually pay for do without worries (after my free credits expire).
I will extend/work upon the script you have given and will update it (if required or if I find something more interesting to add) and post here.
varkey
I got banned!
No worries, I was curious myself and had to try it. 😀 Setting up miniupnpd turned out to be a bit hacky, the scripts in debian miniupnpd package as is didn't work very well with DO, and had to tinker a bit. (Still not liking it 😆 )
Feel free to modify/add/tweak the script. 🚀
Perhaps automatically authorising the new ZeroTier member and adding the default route would be a good idea (ZeroTier API supports it), that way can easily launch a new DO droplet if you want go via a different DO region or something. Can create and destroy the droplets as needed. 😀
Feel free to modify/add/tweak the script. 🚀
Perhaps automatically authorising the new ZeroTier member and adding the default route would be a good idea (ZeroTier API supports it), that way can easily launch a new DO droplet if you want go via a different DO region or something. Can create and destroy the droplets as needed. 😀
