Multiple ways to expose a local server behind NAT or firewall

Mis à jour le lundi 14 août 2017 par johackim

Archived content

I looked for solutions to expose a local server behind a NAT or firewall. Here's what I found.

Solution 1: VPN with port forwarding (with docker)

For this solution, you must have a server outside your local network, a scaleway C1 server is enough.

1. Install VPN on your server with docker (server-side)

CID=$(docker run -d --name dockvpn --restart=always --privileged --net=host ston3o/dockvpn)
docker run -t -i -p 8080:8080 --volumes-from $CID ston3o/dockvpn serveconfig

2. Port forwarding (server-side)

iptables -A PREROUTING -t nat -i eth0 -p tcp -d <src_ip> -j DNAT --to-destination <dest_ip>

3. Download ovpn file and connect to your VPN (client-side)

Go to http://server:8080 and execute openvpn myvpn.ovpn

Solution 2: VPN with dedicated IP

You can use a VPN like purvpn to obtain a dedicated IP for 1,99$ per month or ipjetable for free.

Solution 3: UPNP

You can open ports with UPNP protocol (only 1024-65535 ports are allowed):

upnpc -a <ip> <port> <external_port> <protocol>

Example: upnpc -a 8888 8888 tcp

Solution 4: tor2web

Use tor network and tor2web to expose your web server:

  1. Install tor: apt-get install tor
  2. Bind your web server with tor
# /etc/tor/torrc
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80
  1. Start tor: systemctl start tor
  2. Get your hostname.onion cat /var/lib/tor/hidden_service/hostname
  3. Go to your website * (tor2web)

Solution 5: Tunnels