legoraftAug 14, 2023

Access local cockpit instance without port forwarding

https://lemmy.world/post/3187190

Access local cockpit instance without port forwarding - Lemmy.world

Hi, I’ve recently built myself my first server to host a minecraft server. I manage this server through cockpit, which isn’t port forwarded. Now I’m going to move to a different place, but I want to keep that server at this house because of more stable internet and me moving to a smaller space, but I don’t know how I could access this server remotely. I’ve already tried adding a vpn to my router, but when connected, I still can’t access my cockpit dashboard. Am I doing anything wrong or do I need to port forward to access my cockpit instance remotely?

Show threadtvcvtAug 14, 2023

There’s not a lot of information to go on here, but my first thought is that you haven’t configured your VPN to route to the local network. So, while you may be getting a connection to the VPN server, your computer doesn’t know where to send traffic for Cockpit.

There is usually a way to push those routes to the client from your con server.

Show threadlegoraft

Hi! I’ve done a bit more thorough googling, because of you I knew what to look for a bit better. I have a wireguard vpn on my fritz box router enabled, which allows me to connect to the vpn from my laptop.

I’ve read up on how to acces local devices and I found something about adding an IP to the “AllowedIPs” section, but I don’t really get which IP I should add.

Aug 14, 2023 at 6:20pmWeb
Show threaddrktAug 14, 2023
It should be set to your local subnet, for example 192.168.1.0/24 see unix.stackexchange.com/…/make-local-resources-ava…
Make local resources available when connected to Wireguard VPN

BACKGROUND: I have configured a Wireguard VPN server on my local (private) network. [Say private network: 192.168.1.0/24] Wireguard clients have the same IP network 192.168.1.X There are some non-

Unix & Linux Stack Exchange
Show threadmomsiAug 14, 2023
This would tell the peer with this configuration to send all traffic for the whole 192.168.1.0/24 through the tunnel, not sure that is what OP wants. (Didn’t look at the link though)
Show threadmoonpiedumplingsAug 16, 2023
While not what OP wants, this is what I want, but it isn’t working for me. I am trying expose a subnet behind nat, to a public server. I am currently testing this by attempting to expose the vlan created by libvirt on my laptop to my public vps. I followed the linked point to site guide, and ironically, the virtual machines created on my laptop can access the wireguard subnet, but public vps cannot access the virtual machines? I am guessing because I am doing this somewhat backwards, where the device exposing the lan is behind nat, whereas it is the other way around in the guides that I have seen.
WireGuard Point to Site Configuration

How to set up two WireGuard peers in a Point to Site (masquerading) topology.

Pro Custodibus