Linux: NAT punchback for VPN/SSH services [closed]

ssh linux nat ssh-tunnel

I have remote Linux server behind NAT, without ability to forward ports. All outbound ports are open though. I need to be able to connect to OpenVPN & SSH ports on this server from arbitrary PCs / mobile devices which all have dynamic & unpredictable IP. What is the best approach to achieve that?

If needed, I can use another public Linux server where I control all ports to assist in establishing the connection, but ideally I would want a way to establish direct connection without passing traffic through intermediate proxy.

I am interested in the most standard/robust method. It might be known technique, but it seems I don't know proper keyword to search.


Solution 1:

Implement IPv6 and make the NAT obsolete.

Assign the servers static IPv6, global scope addresses out of your address plan. Allow the expected services through firewalls. Ensure clients have IPv6, native where possible, 6in4 or other transition methods if necessary.

Related

Dell R720 - can't install any operating system
Proftpd server: Server does not support non-ASCII characters
Is everything OK based on this DMARC report?
Recommended values for mon osd down out in ceph
How to view journalctl without rebooting system in RHEL 7/8?
Kubernetes + AWS Lambda [closed]
Why is SELinux blocking my Zabbix agent's sudo calls?
Rsyslog rotates, but still logging to old log
What is the proper way to configure /etc/fstab on an ec2 instance?
Ansible: updating select packages if installed without installing if not
Masking CNAME/A Record Requirements from Clients
Ubuntu juju and Eucalyptus?