Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Good idea to run servers through cryptostorm?

Freewheeling spot to chew the fat on anything cryptostorm-related that doesn't fit elsewhere (i.e. support, howto, &c.). Criticism & praise & brainstorming & requests for explanation... this is where it goes when it's hot & ready for action! :-)

Topic Author
Espionage724
Posts: 1
Joined: Sun Nov 08, 2015 6:32 pm

Good idea to run servers through cryptostorm?

Postby Espionage724 » Sun Nov 08, 2015 6:40 pm

Hi, I recently heard about CS through some posts elsewhere and it looks pretty interesting. I really like the transparency going on here too!

I run a few public-facing servers (mainly really small-time stuff; a couple game servers, mumble, and a low-traffic website (only through SSL/443; nothing on HTTP/80)) on my own connection. I would be interested in running my entire network through CS (by setting up a OpenVPN client on the router).

I don't have too much experience with VPNs and self-hosted servers, so I'm not too certain how port forwarding and my domain name would work. Would the ports I use now just work when going through CS, or would/could I request said ports to be open somewhere?

User avatar

parityboy
Site Admin
Posts: 1085
Joined: Wed Feb 05, 2014 3:47 am

Re: Good idea to run servers through cryptostorm?

Postby parityboy » Mon Nov 09, 2015 6:26 am

@OP

The Cryptostorm network does not support static port forwarding for servers or seedboxes, however all is not lost. :)

The way to do it is to have the first hop go from your router (or dedicated VPN gateway) to a Cryptostorm exit node. The second hop is tunnelled through/routed over the first hop and goes from the server running Mumble or w/e behind that router or VPN client gateway to a Linux VPS or dedicated server that you rent, also running OpenVPN. For the second hop, the OpenVPN instances would probably best run in site-to-site mode, as opposed to the usual client/server mode for the first hop.

On that server, you use iptables to redirect packets from the public Internet back down the second hop to the target server, like this:

Code: Select all

                          |exit node|<---->|VPN client|
|Internet|<----->|VPN Node|<------------------------->|VPN Node|<----->|Mumble server|


Hope this helps. :)


Return to “general chat, suggestions, industry news”

Who is online

Users browsing this forum: No registered users and 13 guests

Login