Hi,Let me be quick. My ISP uses a CGNAT, but I managed to call them and they promptly unlocked port forwarding for me, without charging anything (without any caveats, apparently). A fixed IP has to be paid apart, they said.
As the router they provide has builtin DDNS support I dispensed the offer and began forwarding all my serviced to the web (Plex, bit torrent client, etc).
However (here's the caveat), webservers themselves will get me a connection_timed_out error immediately. I needed those to perform the SSL cert validation and nothing worked (I tried IIS, Nginx, Apacha, Mongoose, Fenix Web server, lighttpd), neither on Windows or Linux. Not even certbot's internal webserver worked.
Eventually I got the certificate using DNS validation, but it puzzles me why in the fucking hell only webservers can't be accessed. I can forward any port from 80 up to 65535 and access any server through them. With webservers, however, I can access them only from my network.
How is it possible? Is it something my ISP is up to?
No comments:
Post a Comment