I have been hosting a few websites from my home server and it has taught me a lot. I have recently had major issues with the electrical storms, Kogan NBN support (Australia), and the NBN network in general. I know 4G is not fast, but I would like to use it so that in the event of a network outage, I'm not at the mercy of NBN. On to the question!

I run pfSense in Hyper-V with a 4-port NIC which passes through those ports to pfSense.

I realized that 4G IP addresses are not public, which stops me from hosting the websites.

Reading into WireGuard and VPN services, my plan is to:

  • Set up a VPS ✅
  • Set up WireGuard on the VPS ✅
  • Create a WireGuard connection on my Windows server, and pass that in as an interface to pfSense, so that hopefully, I won't need to change too much on my internal infrastructure.

Does this sound like an OK plan? I’m open to any other ideas where I can achieve the following:

web app >> nginx >> pfsense >> vpn tunnel >> VPS with Public IP (can be dynamic)

Thanks!

  • RedFox@infosec.pub · 1 year ago

    You’re on the right track. As long as WireGuard on the VPS will allow an incoming connection from your home 4G, which will probably be CGNAT, it’ll work. Did you look into running the NGINX reverse on the VPS? I like terminating external stuff on cloud side, then only bring filtered or desired traffic over the tunnel.
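
The tunnel layout discussed in this thread, as an added example that is not part of the original post or reply: a WireGuard config pair in which the home side behind CGNAT dials out to the VPS and keeps the NAT mapping alive. The 10.99.0.0/24 tunnel subnet, UDP port 51820, file path and all key and address placeholders are assumptions.

```ini
# ---- VPS side, e.g. /etc/wireguard/wg0.conf (has the public IP, only listens) ----
[Interface]
# Assumed tunnel address and UDP port; allow this port in the VPS firewall.
Address = 10.99.0.1/24
ListenPort = 51820
PrivateKey = <VPS_PRIVATE_KEY>

[Peer]
# Home server. There is no Endpoint line: behind CGNAT the home side has no
# reachable address, so the VPS learns where to reply from the first
# authenticated packet the home side sends.
PublicKey = <HOME_PUBLIC_KEY>
# Accept only the home tunnel address from this peer, not a whole LAN range.
AllowedIPs = 10.99.0.2/32

# ---- Home side, tunnel config on the Windows server ----
[Interface]
Address = 10.99.0.2/24
PrivateKey = <HOME_PRIVATE_KEY>

[Peer]
PublicKey = <VPS_PUBLIC_KEY>
# The home side always initiates, so it must know where the VPS is.
Endpoint = <VPS_PUBLIC_IP>:51820
# Send only tunnel traffic to the VPS; general internet traffic stays off the tunnel.
AllowedIPs = 10.99.0.1/32
# Periodic keepalive so the CGNAT mapping stays open and the VPS can
# forward incoming web requests at any time, not only after home-side traffic.
PersistentKeepalive = 25
```

With the reverse proxy running on the VPS, its upstream would be the home tunnel address (10.99.0.2 in this sketch), so only proxied web traffic crosses the tunnel.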