Double Nat

Anyone know how to use cloudflare tunnels to bipass a double nat or whether it actually works. I'm running Open Media Vault on a pi 5 with docker containers and nextcloud on a reverse proxy and its causing issues. I'm wondering whether anyone here knows of a temporary workaround for it.
10 Replies
Chaika
Chaika5mo ago
Tunnels are an outbound connection to Cloudflare, just like how you opened discord.com and made an outbound connection to Cloudflare. No special tunnel configuration or anything. (So yes, they work fine behind double NAT because they're not "Bypassing it", they're just tunneling through it back to Cloudflare and proxying requests back) Although tunnels are http only unless you use cloudflared on the client/private networking w/ warp on the client, and you'll want to be a bit careful about bandwidth usage a bit. The CDN terms of service frown on proxying large files/videos, https://discord.com/channels/595317990191398933/1128753516081582192/1129499373722673243
Maximum Vengerov || Yoga Teacher
The only other thing I'm thinking is about whether it's possible to connect things directly to my purchased domain and it not to cause issues. Would my domain provider be able to give me more info or not really on this?
Chaika
Chaika5mo ago
what do you mean by "connect things directly to your purchased domain"?
Maximum Vengerov || Yoga Teacher
If I'm thinking right the reverse proxy on Nextcloud is the issue. DuckDNS is what I tried before now. Would switching from duck dns to my domain name that I purchased fix this? I'm looking for a temporary fix until I get another line put in or a better solution.
Chaika
Chaika5mo ago
Duck DNS is Dynamic DNS. It sounds like to me you were just trying to port forward before, which gets sticky or impossible with double nat/cgnat setups
Maximum Vengerov || Yoga Teacher
yes i was port forwarding directly from my router which ya this caused this.
Chaika
Chaika5mo ago
All DuckDNS does is auto update to your remote ip (which isn't something tunnels care about/get upset by, for what it's worth), switching from duckdns to your own domain wouldn't change the actual connection part
Maximum Vengerov || Yoga Teacher
soo essentially cloudflare tunnels would be the way to go temporaily correct?
Chaika
Chaika5mo ago
idk what you mean by "temporaily" but yea they're great for things behind NAT/with unstable public IPs
Maximum Vengerov || Yoga Teacher
thanks btw
Unit ssh.service could not be found.
joshua@JoshuasDesktop:~$ ssh root<ipaddress>
ssh: connect to host <IPaddress> port 22: Connection refused
joshua@JoshuasDesktop:~$ ^C
joshua@JoshuasDesktop:~$ ssh root!<ipaddress>
ssh rootwget http://ftp.us.debian.org/debian/pool/main/q/qtbase-opensource-src/libqt5widgets5_5.15.8+dfsg-11+deb12u2_amd64.deb.<pastipaddress>
ssh: Could not resolve hostname rootwget: No address associated with hostname
joshua@JoshuasDesktop:~$
Unit ssh.service could not be found.
joshua@JoshuasDesktop:~$ ssh root<ipaddress>
ssh: connect to host <IPaddress> port 22: Connection refused
joshua@JoshuasDesktop:~$ ^C
joshua@JoshuasDesktop:~$ ssh root!<ipaddress>
ssh rootwget http://ftp.us.debian.org/debian/pool/main/q/qtbase-opensource-src/libqt5widgets5_5.15.8+dfsg-11+deb12u2_amd64.deb.<pastipaddress>
ssh: Could not resolve hostname rootwget: No address associated with hostname
joshua@JoshuasDesktop:~$
Want results from more Discord servers?
Add your server