this post was submitted on 03 Sep 2024
17 points (75.8% liked)

Selfhosted

40329 readers
401 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I'm a beginner in networking things but due to my ISP I can only open a certain range of ports in my router to be accessible from the outside of my network (something like ports 11000-11500).

That means I can't open port 443 to access my reverse proxy from the outside. Is it possible to redirect all traffic that's coming from one of the ports in the range to port 443 of my server?

I haven't found that possibility in my router (Fritzbox 7530) so is there a way to do this on my server (running Fedora Server)?

you are viewing a single comment's thread
view the rest of the comments
[–] abff08f4813c@j4vcdedmiokf56h3ho4t62mlku.srv.us 2 points 2 months ago (1 children)

So, here's a page from the online manual that specifies how to do this specifically for the FritzBox 7530

https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-7530/893_Configuring-static-port-sharing-in-the-FRITZ-Box/

Based on the original post though I am 100% sure that OP has already seen this page, already tried it, and therefore knows that the warning under 2.10.b. applies to the OP's case (i.e. FritzBox doesn't allow it from UI because the ISP doesn't allow it - that honestly had me wondering just how the FritzBox knows the ISP doesn't allow it, but that's a different topic).

[–] Tywele@lemmy.dbzer0.com 1 points 2 months ago (1 children)

that honestly had me wondering just how the FritzBox knows the ISP doesn't allow it, but that's a different topic

Because the Fritzbox uses a DS-Lite tunnel.

Because the Fritzbox uses a DS-Lite tunnel.

Thanks, that pointed me in the right direction!

If I'm understanding https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-3490/1611_What-is-DS-Lite-and-how-does-it-work/ and https://superuser.com/questions/1301857/using-pcp-port-control-protocol-in-practice correctly it seems that it's technically via PCP (Port Control Protocol) that this is known, rather than DS Lite per se, but also that PCP only comes into play here because DS Lite is being used.

(Why point out the distinction? For future readers. I can imagine some braindead ISP somewhere (likely a super cheap reseller) offering DS Lite but then not knowing about PCP, and either not offering port forwarding at all - or they do but you have to fill out a form and snail mail them and then they snail mail you back a printed letter containing a list of port mappings.)