[plug] Bypass CGNAT for hosting website and email
James Henstridge
james at jamesh.id.au
Fri Oct 24 14:31:59 AWST 2025
On Wed, 22 Oct 2025 at 14:25, <alex at spottedmouse.com> wrote:
> For some time I have been researching options to host a website and email behind CGNAT. Cloudflare tunnels seemed to address the website nicely, but doesn’t support SMTP etc.
>
> Hosting a VPS and directing traffic over a VPN is another option. Any recommendations ?
>
> Ideally I am not looking to spend a lot of money on this as it is only for my home lab.
>
> Much appreciate any guidance and advise.
Having gone through some of this with the recent PLUG server move, you
will want a static IP address with reverse DNS pointing to your
domain. Without that, you may have difficulty getting other servers to
accept email from you.
This probably means renting a VM from some hosting provider. The new
PLUG server is using Binary Lane (https://www.binarylane.com.au/), who
are local and good value. They will set the PTR record for the IP
address to whatever you want. They'll also give you console access to
your VM via the website if you break things to a point where you can't
ssh into the VM.
While you could run your services on the VM, you could try something
like described here:
https://mjg59.dreamwidth.org/72095.html
In essence, run a Wireguard VPN tunnel between your home and the VPS,
and then use destination NAT and routing tricks to direct traffic down
the VPN to home. He's glossing over a few steps in his description of
the setup (e.g. I suspect he's not forwarding the same IP address as
he is using as the VPN endpoint), so it might not be a beginner
friendly option.
James.
More information about the plug
mailing list