Hosting Behind 4G: Using Tailscale with pfSense

Hosting services directly over a 4G connection poses challenges due to dynamic IPs, NAT complexities, and port restrictions. Tailscale provides a solution, simplifying dynamic IP management, NAT traversal, and port forwarding. This article outlines the steps to host seamlessly behind 4G using Tailscale.

Steps to Host Behind 4G with Tailscale

Get your VPS up and running. I went with DigitalOcean for this, as they can do servers for $5 per month.

Install Tailscale on your VPS and add it to your list of Tailscale machines. This process is amazingly simple. Once you have your Tailscale account set up, add a machine, pick your OS, and the instructions can be copied and pasted into your VPS for setup.

Install and configure Tailscale in pfSense. Here is my configuration. Please note the advertised route: this will be the destination host. In this instance it is my nginx proxy manager, which can handle web requests.

Enable Tailscale Route: Open the settings for your pfSense machine in the Tailscale machines list, making sure to enter the same route. My host machine was 192.168.6.100/32, so in my case this is what I used.

Restart Tailscale on VPS: Restart Tailscale on your VPS with the option to accept routes, activating the changes made in the previous steps.

Set up socat to handle port forwarding from the VPS. We want to forward port 80 and port 443 to your on-site server.

Check Status and Update Script: Use commands like systemctl status to check socat port-forwarding services. Update the script to allow port forwarding to other hosts if needed.

Test Configuration with Curl: Verify the effectiveness of your network configuration by using curl from the VM:

curl 'https://api.ipify.org?format=json'

Check your website is up. At this stage your website should be accessible from outside.
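The socat forwarding step above, as an added example (not the author's script, which the page does not show): a shell function that renders one hardened systemd unit per forwarded port and refuses anything that is not a plain port number and IPv4 address. The unit layout, the /usr/bin/socat path and the function names are assumptions; the target is the 192.168.6.100 host from the advertised route.

```shell
#!/bin/sh
# Added example: render hardened systemd units that forward VPS ports to the
# host behind pfSense. Function names and the socat path are assumptions.

TARGET_DEFAULT="192.168.6.100"   # host from the advertised route 192.168.6.100/32
SOCAT_BIN="/usr/bin/socat"       # assumed install path

# Accept only a numeric TCP port in 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Accept only a dotted-quad IPv4 address, so nothing else reaches ExecStart.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# Print a unit that listens on PORT and relays to TARGET:PORT over the tailnet.
render_unit() {
    port=$1; target=${2:-$TARGET_DEFAULT}
    valid_port "$port" || { echo "bad port: $port" >&2; return 1; }
    valid_ipv4 "$target" || { echo "bad target: $target" >&2; return 1; }
    cat <<EOF
[Unit]
Description=socat forward :$port -> $target:$port
After=network-online.target tailscaled.service
Wants=network-online.target

[Service]
ExecStart=$SOCAT_BIN TCP-LISTEN:$port,fork,reuseaddr TCP:$target:$port
Restart=always
DynamicUser=yes
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=yes
ProtectSystem=strict

[Install]
WantedBy=multi-user.target
EOF
}

# Preview both forwards from the article (ports 80 and 443).
for p in 80 443; do render_unit "$p"; done
```

Redirect each rendered unit to a file under /etc/systemd/system (the file name is your choice), reload systemd and enable it; systemctl status then shows whether each forward is running. DynamicUser with CAP_NET_BIND_SERVICE lets socat bind ports 80 and 443 without running as root.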

By following these steps, you can overcome the challenges associated with hosting behind a 4G connection, ensuring a streamlined and secure hosting environment using Tailscale.

