Hey is there any alternatives to CloudFlare reverse proxies? I want to hide my server IP but not share everything with CF…

  • jubilationtcornpone@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    6
    ·
    6 months ago

    Set up a VPS. Create a VPN tunnel from you local network to the VPS. Use the VPS as the edge router by opening ports on the VPS firewall and routing incoming traffic on those ports through the VPN tunnel to servers on your local network.

    I used to do this to get around CGNAT. I ran RouterOS in a Digital Ocean droplet and setting up a wire guard tunnel between it and my local Mikrotik router.

    It will obscure your local WAN IP and give you a static IP but that’s about the only benefit. And you have to be pretty network savvy to configure it correctly.

    It does not make you immune to DDoS attacks and is honestly more headache to maintain (albeit just a small headache).

    • SayCyberOnceMore
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 months ago

      Not heard of RouterOS before … <quick search> I didn’t realise jad released firmware that would run in a normal VM… don’t suppose you have anything to compare it to pfSense?

      • jubilationtcornpone@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        6 months ago

        They do maintain an x86 build. I haven’t used pfSense but I have used OpnSense so that’s that closest thing I have to compare it to. I think the upside and downside to RouterOS/Mikrotik is the same thing: it allows very granular control over almost everything. Maybe to a fault. It’s probably overkill for most home networks.