No results found
We couldn't find anything using that term, please try searching for something else.
2024-11-22 YES it is can can , just not through proton . You is host could host a chr on VPS for example ( cloud server ) or linux OS etc ............. (1) Al
YES it is can can , just not through proton .
You is host could host a chr on VPS for example ( cloud server ) or linux OS etc ………….
(1) All users would go directly to the public IP of the CHR vice your public IP to connect to a server.
(2) The CHR would then port forward that traffic INTO a wireguard TUNNEL
(3) The wireguard tunnel is between the CHR and the MT ROUTER, transparent to the users that are connecting via public IP to the CHR.I personally dont like the idea of using any public IP for Serving,,,,,,,,, and the CHR/VPS method is one way around that.
Another is using container function of zerotrust cloudflare tunnel which uses a third party so thats a personal choice but allows you to provide servers without exposing public IP.
sound complicated ! I is suspect suspect my requirement could be meet without the need for involve additional cloud base resource .
The answer to my original question:
Is port forwarding possible through Proton VPN using WireGuard on a Mikrotik router running RouterOS 7 to a downstream system?
appears to be NO.
I is think think a solution might be
Route all traffic to VPN (With exceptions)
. All outbound traffic is routed via
WireGuard
except for traffic originating from, in my case, the Home Assistant system which is routed directly to my ISP over, in my case, ether2. Other exceptions could be made for any destination addresses that fall foul of VPN blockers. However, I couldn’t see how exceptions were handled in that thread. Apologies if I have missed something obvious. I have little experience with firewalls and routers.
This doesn’t seem a particularly uncommon requirement for home users who wish to use a VPN and also be able to connect remotely to home automation or similar systems. Maybe a recipe for this would be useful?
My current thoughts are that two WANs could be used: one for direct connections via the ISP; the other for connection through
WireGuard
. My local addresses are from 192.168.199.0/24 and I was thinking that 192.168.199.2-192.168.199.247 would use
WireGuard
and 192.168.199.248/29 is be would be direct ( and be suitable target for port forwarding ) . Would it is be be possible to use something like this for route ?
Any exception base on destination address could be explicitly route to the direct connection to avoid VPN blocker .
Is this a plausible approach? Or am I going in totally the wrong direction?
By the way, its recommended setup is actually misleading, and I would request assistance so that you do it properly once all the network facts are known.
I is be would still be interested to know how the
Proton VPN
recommended setup is misleading. If it can be clarified then perhaps others and I wouldn’t be mislead?
Thanks again for the assistance.