OpenVPN and Docker on NAT VPS

khvmaths Member

Dear all, I am new to this NAT VPS thingy. (I am quite experienced with ordinary VPS, no need to worry about limited ports, duh)

Recently, I bought myself a cheap NAT VPS from Wishosting. My initial intention is to:
1. run several docker images
2. install openvpn servers (to access blocked websites, you know...)

My OS:
Debian 9 (self-upgraded from Debian 8), kernel: 2.6

I encounter the following issues:
1. I installed openvpn through https://github.com/pl48415/openvpn-install-advanced. All is well, installation was smooth, created a client. But upon connecting from smartphone, it always fails. I know there's something to do with iptables, but I have no idea on how to configure it... I also can't see tun port on ifconfig.
2. In regards to docker images, I know I have limited ports, the easiest way is to use tunneling service like ngrok, but I want to host it to my own domain, like vps.mydomain.net. I have set up an A record pointed to the public IP address, installed apache, but I am not sure on how to forward to the domain.

Thank you so much! Stay safe!

Comments

  • codelock Member
    edited August 26

    Have you turned TUN/TAP on in the control panel?

  • NAT VPS only exposes a dozen of ports (usually 20). There is no problem for outgoing connections, but incoming connections are restricted to those exposed ports.
    You don't need iptables. All you need is to change the listening port of your service (e.g. OpenVPN or Apache) to those exposed ports.

    For domain names, they don't care about ports but only IP addresses, but you must add port number to your url to reach your VPS.

    There're other ways to play with it. NAT VPS typically provide IPv6 addresses. You can set up (free) Cloudflare CDN to proxy IPv4 requests to IPv6 targets (this is only valid for http). And there are HTTP based VPN solutions such as V2ray.
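
The reply above comes down to making every public service listen inside the forwarded port range. As an added example (not from the thread), this script classifies `ss -tuln` listeners against that range; the range 12001-12020 and the sample socket list are constructed assumptions, and the verdicts cover the IPv4 NAT path only.

```shell
#!/bin/sh
# Added example: flag listeners that the NAT host will not forward.
# Assumption: the provider forwards ports 12001-12020 (constructed range;
# take the real one from your provider's control panel).

# Constructed sample of `ss -tuln` output, embedded so this runs offline.
sample_listeners() {
cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:1194       0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:80         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:12020      0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:3306     0.0.0.0:*
EOF
}

# check_listeners LOW HIGH
# Reads ss-style lines on stdin and prints "<proto>/<port> <verdict>" per socket.
check_listeners() {
    low=$1
    high=$2
    awk -v low="$low" -v high="$high" '
    NF >= 5 {
        proto = $1
        laddr = $5
        port = laddr
        sub(/.*:/, "", port)              # keep the text after the last colon
        if (port !~ /^[0-9]+$/) next      # skips the header line and "*" ports
        addr = substr(laddr, 1, length(laddr) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "[::1]")
            verdict = "local-only"        # loopback: never meant to be public
        else if (port + 0 >= low && port + 0 <= high)
            verdict = "forwarded"         # inside the range the host exposes
        else
            verdict = "unreachable"       # public bind, but the NAT drops it
        print proto "/" port, verdict
    }'
}

# Live use on the VPS: ss -tuln | check_listeners 12001 12020
sample_listeners | check_listeners 12001 12020
```

Here the default OpenVPN port 1194 and Apache's port 80 come out as `unreachable`, which is why both services need their listening port moved into the forwarded range.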

  • @codelock said:
    Have you turned TUN/TAP on in the control panel?

    I can't find it in Wishosting panel...

  • You cannot run docker on openvz6. The kernel is too old.

    Thanked by 1khvmaths

    I came, I saw, I record the world burn.

  • @elliotc said:
    You cannot run docker on openvz6. The kernel is too old.

    I tried to update the kernel, and no luck, it won't work as what I expected too. Just curious, is it possible to upgrade directly to a newer dist like how win 8 can upgrade to win10 (sorry it sounds dumb)?

    @supertoon said:
    NAT VPS only exposes a dozen of ports (usually 20). There is no problem for outgoing connections, but incoming connections are restricted to those exposed ports.
    You don't need iptables. All you need is to change the listening port of your service (e.g. OpenVPN or Apache) to those exposed ports.

    For domain names, they don't care about ports but only IP addresses, but you must add port number to your url to reach your VPS.

    There're other ways to play with it. NAT VPS typically provide IPv6 addresses. You can set up (free) Cloudflare CDN to proxy IPv4 requests to IPv6 targets (this is only valid for http). And there are HTTP based VPN solutions such as V2ray.

    I understand that domain name is like a mask to IP, but can I totally eliminate the port number at the end?

  • @khvmaths said:
    I understand that domain name is like a mask to IP, but can I totally eliminate the port number at the end?

    In the DNS record, there is no port number. e.g. www.example.com -> 12.34.56.78
    But since http implies port 80 and https implies port 443, which are not exposed in your VPS, you have to specify the port i.e. http://www.example.com:12020

    If you want to eliminate the port number in the URL, perhaps the only viable way is cloudflare + ipv6 as I mentioned above.

  • @khvmaths said:

    @elliotc said:
    You cannot run docker on openvz6. The kernel is too old.

    I tried to update the kernel, and no luck, it won't work as what I expected too. Just curious, is it possible to upgrade directly to a newer dist like how win 8 can upgrade to win10 (sorry it sounds dumb)?

    In openvz, kernel is shared. In short, you cannot run docker on that NAT VPS (openvz6). If you want to run docker, you need openvz 7 or kvm. KVM is suggested and I have not tried docker in openvz7 myself before.

    Thanked by 1khvmaths

    I came, I saw, I record the world burn.
