I was trying to set up a small home server.
I use dynamic IP adress. My router's wan adress is like this 100.70.81.xxx and my public ip is 81.213.177.xx
I made port forwarding in my router. www, smtp and pop3 ports are open. But still my server is not accessible from public internet I think.
So should my computer be behind a Carrier Grade NAT. If this is the case is it still possible to set up a web server behind a CGN?
Your router's "WAN" address is from the private 100.64.0.0/10 range (which is kinda like 192.168.x, but dedicated specifically to CGNAT). So that means you're behind CGN and the global address you're seeing is shared between multiple customers.
So the only ways to set up a server behind a NAT you don't control are:
Make the ISP do port-forwarding... yeah, that's not gonna happen. (Even though in theory NAT-PMP was supposed to permit that.)
Obtain your own global address from somewhere else, for example there are VPN providers which support server hosting and can give you a static address.
If you have IPv6, that would be globally reachable, though you'd additionally need a service which can proxy connections from IPv4-speaking clients to your IPv6-only server (e.g. CloudFlare might do the job).
(IPFS also comes to mind as option 3¾ – recently I've seen a few static-page websites hosted via "web-to-IPFS" proxy servers. From the outside it looks like a completely normal domain which is aliased to gateway.ipfs.io.)
ngrok working fine for me. I was about to bang my head but you saved me. my router is behind CGNAT. I signed up in ngrok with free account and believe me its free forever. just need to download ngrok for Linux go to installed dir, Unzip it and run ./ngrok tcp 22 --> i want to access my linux machine from internet over ssh you may like to open port 80 or whatever application you want to access on internet. once run completed it will give you dynamic link with port, you are done
Enjoy !!
I'd like to mention some other alternatives to ngrok. They are the following, in no particular order:
Serveo (Disabled at the time of writing)
Holepunch.io See pricing there
Packetriot See pricing there
Openport See pricing there
I'm currently testing the last one and I'm quite satisfied for my needs (personal usage, non-profit).
I had the same issue, I wanted to create a small home based web server and my computer was behind a Carrier Grade NAT so it was not possible to do port forwarding on my router and access my app outside my home network.
The solution I found is called ngrok. No need to do port forward anymore, it will create a secure tunnel to localhost and you'll be able to connect your web application from anywhere.
You do realize that you can bypass CGNAT with any commercial VPN, however, if you simply want to port forward behind a CGNAT then the process becomes a bit longer. Any VPN can do the trick as they provide a public IP.
Problem is when trying to host a server you need a dedicated IP, not static IP as static IP can be provided to other customers by your ISP, a dedicated a bit expensive is only reserved for you. So for a secure method go for dedicated IP and then port forward, if interested you can follow this process.
I ended up on this thread as I was looking for a similar thing with my router being behind a CGNAT.
I found Zerotier, this solution has solved my issue so I'm just leaving this as an option if someone else has the same issue.
