Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 27 subscribers
  • Views 1246 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need way to access NAS behind xg firewall that has 100.77.x.x as ip (as seen from interfaces, but 112.201.x.x from https://www.whatsmyip.org)

jang430

Recent changes in my provider prolicy has left me without a public IP address.  Not even a dynamic one.  I've tried calling them up to get it changed to original dynamic IP address setup, but to no avail.  I have a NAS I access via VPN.  I'd like to be able to do it still.  Any workaround?  My nas is Unraid, and it supports Docker.  Are there Docker containers that I can run to direct me to NAS?



This thread was automatically locked due to age.
Parents
  • 0

    First step, turn on DynDNS on XG. https://community.sophos.com/kb/en-us/123126

     

    This would report the 100.77 to Sophos DynDNS server. 

     

    But the question is more likely, what your ISP is doing. Some saving techniques to save IPs? You need to figure out, what the ISP is using. Only way to build a DNAT.

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Reading some other forums about what my ISP is doing, they seem to say the isp is changing into CGNAT.  Don't know what that is, but I believe it's an internal IP?

  • 0 in reply to jang430

    Looks not good for you mate... 

    https://en.wikipedia.org/wiki/Carrier-grade_NAT

     

    Critics of carrier-grade NAT argue the following aspects:

    • Like any form of NAT, it breaks the end-to-end principle.[5]
    • It has significant security, scalability, and reliability problems, by virtue of being stateful.
    • It makes it impossible to host services.
    • It does not solve the IPv4 address exhaustion problem when a public IP address is needed, such as in web hosting.

     

    I guess you need to figure out a way to workaround this.

    One would be... Pay more money to ISP to get a business contract with Public ip (Or switch the ISP?).

    Another is a little appliance in public hoster setups and build a VPN to this place. 

     

     

    For example: Sophos Home XG in azure. Build a VPN to this place. DNAT the traffic going to Azure. Azure will route traffic through VPN to your XG. 

     

    I am sorry, but both approaches are based on "money spending"... 

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to jang430

    Looks not good for you mate... 

    https://en.wikipedia.org/wiki/Carrier-grade_NAT

     

    Critics of carrier-grade NAT argue the following aspects:

    • Like any form of NAT, it breaks the end-to-end principle.[5]
    • It has significant security, scalability, and reliability problems, by virtue of being stateful.
    • It makes it impossible to host services.
    • It does not solve the IPv4 address exhaustion problem when a public IP address is needed, such as in web hosting.

     

    I guess you need to figure out a way to workaround this.

    One would be... Pay more money to ISP to get a business contract with Public ip (Or switch the ISP?).

    Another is a little appliance in public hoster setups and build a VPN to this place. 

     

     

    For example: Sophos Home XG in azure. Build a VPN to this place. DNAT the traffic going to Azure. Azure will route traffic through VPN to your XG. 

     

    I am sorry, but both approaches are based on "money spending"... 

    __________________________________________________________________________________________________________________

Children
Cookie Information Banner