![]() ![]() You will need to configure the GatewayPorts option, so edit the SSH config file: $ sudo nano /etc/ssh/sshd_configĪnd add the following line at the bottom: GatewayPorts yes SSH's AllowTCPForwarding option must be set to yes for this to work-and that's the default. I pay $5/month for it, use it to host some websites, and it also gets assigned a static public IP address, so I can point a domain at it, like On that VPS, I needed to configure SSH so it could work as a tunnel server: So I chose to use one of my existing DigitalOcean VPSes for the task. Sometimes they are easier for specific needs, but as I mentioned, I just wanted two open ports. ![]() Paid services like VPNs and ngrok run their own servers, but can cost upwards of $10-20/month if you want to run a lot of traffic through them. You're responsible for your own security, and if you don't have a good grasp on fundamental Linux and SSH security, you might not want to do this. Security Warning: Punching a hole through to any network-especially to expose something like a Raspberry Pi to the public Internet, increases your network's attack surface. There are a few different ways people have traditionally dealt with accessing devices running through CG-NAT connections:Īnd after weighing the pros and cons, I decided to go with option 3, since-for my needs-I want to have two ports open back to the Raspberry Pi: What this means is there's no publicly routable address for the Pi-you can't access it from the public Internet, since it's only visible inside the cell network's private network. This modem is on AT&T's network, but regardless of the provider, unless you're willing to pay hundreds or thousands of dollars a month for a SIM with a public IP address, the Internet connection will be running behind CG-NAT. ![]() For a project I'm working on, I'll have a Raspberry Pi sitting behind a 4G LTE modem: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |