Hi, I switched service provider at the cottage and the new one uses CGNAT and I therefore can no longer directly access my systems at the cottage (I used to do it through ddns and duckdns.org). These systems are all residing behind a proxy server at the cottage encrypting their traffic over the internet (so only that proxy service is visible to the outside world). The services I have there is my Home Assistant, my security cameras and my weather station. The remote access used to come from my other Home Assistant at home, whatever PC I might be using, my phone and even my watch so a cloud service that requires something to be installed on the devices I carry with me won’t work.
Transferring these services to a cloud provider will not work since all of them need access to devices residing within the cottage network (ie, Tasmota devices for Home Assistant, camera feeds for the security system and weather station probes for the weather station software).
I was thinking of writing a Python software that would run on the Raspberry Pi 4 at the cottage that would open a (persistent) connection to a Raspberry Pi 4 at home (where I do have a (dynamic) public IP) running another Python program listening for such connection and also listening for incoming connections from clients (ie, me, through whatever PC, my phone or watch). That home Raspberry Pie would then be a gateway to redirect the traffic to the cottage proxy server through that ‘tunnel’.
Before going this route and investing time into this, I wanted to check if someone did something similar that I could use instead or had other ideas.
Thanks.
Since I don’t see it mentioned in this thread, wouldn’t enabling IPv6 allow you to do what you want?
Tried that, but couldn’t get it to work and after talking with my provider’s support team, I learnt that they don’t let IPv6 connections in.
That’s a pretty strange statement from your ISP. You should be able to configure your router to allow traffic to whatever IPv6 address that you want.
Yeah, I didn’t want to push it further with them so I tried on my own and had some success but it was flaky, so I dropped that idea.
Some providers will sell you a public/static IP address for a monthly fee, which would make the CGNAT a non-issue. I’m not saying that is the route to go. . . just a possibility.
Tried that, they only have public IP addresses for their satellite Internet connections (which sucks). They don’t have public IP addresses for their fiber network. I was pissed when I learnt that because I specifically asked the sales lady when subscribing if they have public IP addresses and she said yes. Only once installed and I tried to get my public IP addresses did I found out the truth.
Who is the carrier?
You could also do this with CloudFlare Access, but Tailscale is probably easier if you’re not already using CloudFlare for anything
Not using CloudFare for anything, no.
Tailscale
Seems the most popular product.
I have a remote cabin that’s semi off the grid. It has a starlink connection and I use tailscale. Works flawlessly
Thanks.
Nabu Casa?
I use that at home (which also gives me Alexa integration) and used the Remote Assistant plugin for the one at the cottage. For now, I connected that Home Assistant to its own trial version of Nabu Casa until I get another way of connecting both together. It doesn’t solve my security camera and weather station remote access though, especially through my watch (for the weather station).