Home Hosting - No Ports Open
Hello Everyone! I am by no means a networking expert, and I am hoping you all can help me find a safe and secure way to do what I used to do insecurely. I should mention I have the Firewalla Gold.
I have my own file server, Plex server, and a couple of other services running at home that, in a perfect world, I would like to be able to access from outside my home without using the VPN Server or opening any ports.
I have seen the DDNS feature that Firewalla offers, and the feature post says it can be utilized to securely run services from home, but unfortunately it doesn't offer any explanation of how it can be done, other than that you need to create a record with your domain service. I have my own domain with Gandi, and creating a CNAME or ALIAS card is no big issue for me; where I am confused is on the routing end. What happens when a web browser or service is directed to my router through the domain and DDNS? I have a virtual server running Docker and Nginx Proxy Manager for directing traffic, but I am not sure if that is the way to go about it.
If anyone can offer any insight into hosting services securely using Firewalla, it would be much appreciated.
-
First, there is no simple way of running home services if you don't want to use VPN or open any ports. To do that, you will have to create a proxy somewhere else and have that traffic tunnel to your home ... but that is just like a VPN.
DDNS is simply a way to prevent your IP from changing and you not being able to find Firewalla, such as the VPN Server (OpenVPN or WireGuard). So it has nothing to do with how you want to provide the service. Although, as you said, it can be used with a CNAME to help your own domain find your service IP.
-
I currently run a Web Server for multiple domains, I also host a Node for both crypto coins Monero and Ravencoin. As long as you allow the correct ports through to the right machine (IP) you should be fine. The Firewalla does a great job blocking "bad" traffic. If something gets through that I don't like, then I block the IP address through the Alarm (reactive I know, but at least they won't get through again). Just make sure to keep up with your alarms, or import some sort of block list into your Firewalla rules/list.
As for the DDNS I already had a script that updated my IP address with my domain provider (this was before Firewalla). NameSilo has a great API for doing this. I also added my Firewalla DDNS name as a CNAME with NameSilo so if the script fails to run and update my domain, then hopefully Firewalla caught the change and the CNAME will take over.
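A health check for the arrangement described in the reply above (a script-managed record plus the Firewalla DDNS name as a fallback), as an added example that is not the commenter's script. The function names, status strings and documentation-range sample addresses are assumptions constructed here.

```python
import ipaddress
import socket

# Ranges that can never receive a port forward from the internet.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private
    "100.64.0.0/10",                                   # carrier-grade NAT
    "127.0.0.0/8", "169.254.0.0/16",                   # loopback, link-local
)]

def is_reachable_wan(ip_text):
    """True if ip_text is a valid IPv4 address outside NON_ROUTABLE."""
    try:
        ip = ipaddress.IPv4Address(ip_text.strip())
    except ValueError:
        return False
    return not any(ip in net for net in NON_ROUTABLE)

def resolve(name):
    """Live lookup helper for real use; the offline samples below do not call it."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:
        return set()

def check_records(wan_ip, a_record_ips, ddns_ips):
    """Classify the state of the script-managed record and the DDNS fallback."""
    if not is_reachable_wan(wan_ip):
        return "no-inbound"     # WAN side is private or CGNAT: no record can help
    if wan_ip in a_record_ips:
        return "in-sync"        # update script is doing its job
    if wan_ip in ddns_ips:
        return "fallback-only"  # script failed; only the DDNS CNAME is current
    return "stale"              # neither name points at the current WAN IP

# Constructed samples: (current WAN IP, script-managed record, DDNS name).
SAMPLES = [
    ("203.0.113.10", {"203.0.113.10"}, {"203.0.113.10"}),
    ("203.0.113.25", {"203.0.113.10"}, {"203.0.113.25"}),
    ("203.0.113.25", {"203.0.113.10"}, {"203.0.113.10"}),
    ("100.64.7.9", {"203.0.113.10"}, set()),
]

if __name__ == "__main__":
    for wan, a_ips, ddns_ips in SAMPLES:
        print(wan, check_records(wan, a_ips, ddns_ips))
```

A stale record is worth alerting on because, after an address change, the old IP may belong to another subscriber and clients would be sent there.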