Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ
Ξ We've updated our CA certificate. All members need to be using the latest ones by Dec 22. See this page for more infoΞ

Good idea to run servers through cryptostorm?

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)

Topic Author
Espionage724
Posts: 1
Joined: Sun Nov 08, 2015 6:32 pm

Good idea to run servers through cryptostorm?

Postby Espionage724 » Sun Nov 08, 2015 6:40 pm

Hi, I recently heard about CS through some posts elsewhere and it looks pretty interesting. I really like the transparency going on here too!

I run a few public-facing servers (mainly really small-time stuff; a couple game servers, mumble, and a low-traffic website (only through SSL/443; nothing on HTTP/80)) on my own connection. I would be interested in running my entire network through CS (by setting up a OpenVPN client on the router).

I don't have too much experience with VPNs and self-hosted servers, so I'm not too certain how port forwarding and my domain name would work. Would the ports I use now just work when going through CS, or would/could I request said ports to be open somewhere?

User avatar

parityboy
Site Admin
Posts: 1220
Joined: Wed Feb 05, 2014 3:47 am

Re: Good idea to run servers through cryptostorm?

Postby parityboy » Mon Nov 09, 2015 6:26 am

@OP

The Cryptostorm network does not support static port forwarding for servers or seedboxes, however all is not lost. :)

The way to do it is to have the first hop go from your router (or dedicated VPN gateway) to a Cryptostorm exit node. The second hop is tunnelled through/routed over the first hop and goes from the server running Mumble or w/e behind that router or VPN client gateway to a Linux VPS or dedicated server that you rent, also running OpenVPN. For the second hop, the OpenVPN instances would probably best run in site-to-site mode, as opposed to the usual client/server mode for the first hop.

On that server, you use iptables to redirect packets from the public Internet back down the second hop to the target server, like this:

Code: Select all

                          |exit node|<---->|VPN client|
|Internet|<----->|VPN Node|<------------------------->|VPN Node|<----->|Mumble server|


Hope this helps. :)


Return to “general chat, suggestions, industry news”

Who is online

Users browsing this forum: No registered users and 18 guests

Login