This is an automated archive made by the Lemmit Bot.

The original was posted on /r/homelab by /u/GamerKingFaiz on 2025-01-12 02:20:54+00:00.

I just got a new ISP that is unfortunately using CGNAT, so I started researching solutions to get around this. I already reached out to them about a public IP address and said they don’t have this, but they’ll be adding IPv6 in the future.

In the meantime, I’ve found 2 potential solutions and want to confirm my understanding about them.

Cloudflare Tunnels

This service seems to be perfect for hosting the apps that I access over HTTP. It seems like it’ll be an in place replacement for my current reverse proxy with the added benefit of masking my IP address.

🟢 No extra apps on client devices necessary.

Tailscale

This seems like a replacement for wireguard, but the main feature I used wireguard for was to be able to VPN on my phone into my network. And the only thing that I had wireguard set up for was so my phone could use my Pi-hole DNS (ad blocking while I’m away from home). I’m not sure if Tailscale has this sort of functionality.

🔴 Here each client needs the requisite app to connect (similar to wireguard).

And as far as I understand, under CGNAT, there’s no way for me to replicate just being able to open a port (port forwarding) to allow an external connection.

For example, if I want to host a game server for friends, I can’t just open the port I need. Nor can I open a torrent client’s listening port.

Would love to hear confirmation on my understandings and any clarifications/suggestions y’all have!