Hi. I have just started my journey. How do I direct incoming traffic to my minipc? I have received a static ip from my isp but their router does not have any settings exposed to end users. Is this possible to do without touching the router?
Edit: Thanks all for valuable feedbacks. The router they provided had a different superadmin account which had the settings like NAT, DMZ etc. Also it is able to work in bridge mode. So I can add my own router if I need some additional functionality. Will be tinkering a lot in coming days. So hopefully, I get some more insights into it.
By default a router would reject all incoming connections. Your alternatives are:
Configure the ISP router to forward a port.
Configure the ISP router to set your own router or PC as DMZ, which means forwarding all connections.
Configure the ISP router to work in bridge mode rather than router mode, meaning it will act as if it wasn't there (but will still login to the ISP connection) and let your own router or PC handle things.
If you cannot configure the ISP router in any way, only solution remains to replace it with your own router. Whether this will work depends on how it connects to the ISP (both the physical connection type and the login).
It doesn't make sense for the ISP to allocate a static public IP without letting you make any configuration to use it, so perhaps talk to them to figure out your options.
Thanks a lot for the info. It let me to the solution. Talking to ISP about above settings, I was made aware of another superadmin account for router that made it possible.
I know there are higher orders of nerds than me who will have some supremely elegant solution, but you identified as a beginner, so here are my two cents:
Going the static IP route and directly exposing your server to the outside world is a potentially major security hazard unless you know what you’re doing. Especially when getting started, it may be a good idea to consider using a router with built in VPN capabilities for accessing your network remotely when you need SSH access, or other maintenance tools.
Media serving software like Plex and Jellyfin will be able to serve content without the VPN just fine, and it will keep your more vulnerable controls behind your network security as you are learning and getting things set up. As you get more experienced and ambitious, then you can consider exposing your setup to the outside world, but be sure to put in security safe guards so you don’t get brute forced by bots like a back alley cyborg hooker.
VPN routers are cheap, security breaches are not.
I consider myself at a somewhat moderate level of proficiency at this point, but I still use the VPN system for my server because I never have to worry about it. It takes two seconds to check the OpenVPN toggle if I’m away from home and need to restart something, but 99% of the time, the content servers just work and my major maintenance can wait until I’m on the same network.
Glad it helped! I didn’t want to derail your plan if you knew what you were doing, but your question reminded me of when I was first starting, so I wanted to provide a beginner friendly solution in case you needed it.
My ISP had the same problem, ultimately I was able to convince them to let me use my own router. In doing that, I was able to at first use a standard off the shelf router and later a pfsense firewall to handle NAT that exposed my servers to the outside world.
Before I was able to do that, I was pretty convinced I wasn't going to be able to self host. There are other options, such as special VPNs for self-hosting, but that's not really the point, is it?
Not sure about OP. Altice/Suddenlink doesn't let you have access. The garbage modem/router/wifi combo they send out is locked down and they won't give you access to the admin interface. Shitty comoany.
Thanks. I updated the post with more info. Its an unknown local brand which modifies chinese product. Some settings are still in chinese and there is no documentation.