So, you want the traffic to go other way around. Traffic from the HomeNet should go to the internet via FriendNet, right? In that case, if you want the raspberry box to act as a proxy (or vpn) server, you need to forward relevant ports on the FriendNet to your raspberry pi so that your HomeComputer can connect to the raspberry box.
Or you can set up a VPN and route traffic trough that to the other way. Tunnels work both ways, so it’s possible to set up a route/http proxy/whatever trough the VPN tunnel to the internet, even if the raspberry box is the client from VPN server point of view.
I don’t immediately see the benefit of tunneling your traffic trough the FriendNet to the internet, unless you’re trying to bypass some IP block of something other potentially malicious or at least something being on the gray area. But anyways, you need a method for your proxy client to connect to the proxy server. And in generic consumer space, that needs firewall rules and/or port forwarding (altough both are firewall rules, strictly speaking) so that your proxy server on raspberry box is visible to the internet in the first place.
Once your proxy server is visible to the internet it’s just a matter of writing up few scripts for the server box to send a message to the client end that my public IP is <a.b.c.d> and change proxy client configuration accordingly, but you still need some kind of setup for the HomeNet to receive that, likely a dynds-service and maybe some port forwarding.
Again, I personally would set up something like that with a VPN tunnel from raspberry box to the HomeServer, but as I don’t really undestand what you’re going after with setup like this it’s impossible to suggest anything else.
So, you want the traffic to go other way around. Traffic from the HomeNet should go to the internet via FriendNet, right?
That is what I would like to achieve, yes. Since I want to avoid setting up port forwarding on FriendNet, I would need to configure port forwarding on HomeNet. The Raspberry Pi would have to act a client, and either the home server or the home computer would act as the server, and the Raspberry Pi would proxy traffic from the server to the internet.
I can’t think of how it would work in practice, though. I’m assuming in this case the home server would act as a proxy between the home computer and the Raspberry Pi, and the Raspberry Pi would act as a proxy between the home server and the internet. Unless there’s an easier way that would remove the home server entirely, that might be the best way to do it.
Tip for OP is to explain wanted outcome, not process to get there. Its hard to do, but gives better results
Besides being able to learn about all of this, this would be the ideal outcome:
Send the Raspberry Pi to a friend who knows about this
Have the friend plug in the Raspberry Pi to his Ethernet
Use the friend’s network as a VPN/proxy/whatever to obscure my home IP address
I wouldn’t want to make the friend set up port forwarding or configure the Raspberry Pi himself, I want to do as much as I can on my own. And, if that friend ever relocates his residence or changes his ISP, setting it up again should be as easy as him plugging in the Raspberry Pi to the new network and I reconfigure it from my end.
Use the friend’s network as a VPN/proxy/whatever to obscure my home IP address
And then your friend is responsible for your actions on the internet. The end goal you described is so vague that at least I wouldn’t let your raspberry connect on my network.
There’s a ton of VPN services which give you the end result you want without potential liability or other issues for your friend. If you just want to tinker, this thread has quite a bit of information to get you started.
I have a feeling OP’s “friends” wont necessarily even be aware hes connected the device to their network. It sounds to me like he wants something he can hide places to take advantage of unsecured or public networks without having to sit there with his laptop doing whatever shady shit he has planned.
Then an exit node is what you want. You can set up with vpn like wireguard using port forward on your side. The raspberry would connect using static ip or dynamic dns.
You can get tailscale basic tier for free, and that will provide an easy to use solution
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.
Rules:
Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
selfh.st Newsletter and index of selfhosted software and apps
So, you want the traffic to go other way around. Traffic from the HomeNet should go to the internet via FriendNet, right? In that case, if you want the raspberry box to act as a proxy (or vpn) server, you need to forward relevant ports on the FriendNet to your raspberry pi so that your HomeComputer can connect to the raspberry box.
Or you can set up a VPN and route traffic trough that to the other way. Tunnels work both ways, so it’s possible to set up a route/http proxy/whatever trough the VPN tunnel to the internet, even if the raspberry box is the client from VPN server point of view.
I don’t immediately see the benefit of tunneling your traffic trough the FriendNet to the internet, unless you’re trying to bypass some IP block of something other potentially malicious or at least something being on the gray area. But anyways, you need a method for your proxy client to connect to the proxy server. And in generic consumer space, that needs firewall rules and/or port forwarding (altough both are firewall rules, strictly speaking) so that your proxy server on raspberry box is visible to the internet in the first place.
Once your proxy server is visible to the internet it’s just a matter of writing up few scripts for the server box to send a message to the client end that my public IP is <a.b.c.d> and change proxy client configuration accordingly, but you still need some kind of setup for the HomeNet to receive that, likely a dynds-service and maybe some port forwarding.
Again, I personally would set up something like that with a VPN tunnel from raspberry box to the HomeServer, but as I don’t really undestand what you’re going after with setup like this it’s impossible to suggest anything else.
That is what I would like to achieve, yes. Since I want to avoid setting up port forwarding on FriendNet, I would need to configure port forwarding on HomeNet. The Raspberry Pi would have to act a client, and either the home server or the home computer would act as the server, and the Raspberry Pi would proxy traffic from the server to the internet.
I can’t think of how it would work in practice, though. I’m assuming in this case the home server would act as a proxy between the home computer and the Raspberry Pi, and the Raspberry Pi would act as a proxy between the home server and the internet. Unless there’s an easier way that would remove the home server entirely, that might be the best way to do it.
To me it seems like he wants to be able to «bring along» his homenet services without exposing them on the internet.
Tip for OP is to explain wanted outcome, not process to get there. Its hard to do, but gives better results
Besides being able to learn about all of this, this would be the ideal outcome:
I wouldn’t want to make the friend set up port forwarding or configure the Raspberry Pi himself, I want to do as much as I can on my own. And, if that friend ever relocates his residence or changes his ISP, setting it up again should be as easy as him plugging in the Raspberry Pi to the new network and I reconfigure it from my end.
And then your friend is responsible for your actions on the internet. The end goal you described is so vague that at least I wouldn’t let your raspberry connect on my network.
There’s a ton of VPN services which give you the end result you want without potential liability or other issues for your friend. If you just want to tinker, this thread has quite a bit of information to get you started.
I have a feeling OP’s “friends” wont necessarily even be aware hes connected the device to their network. It sounds to me like he wants something he can hide places to take advantage of unsecured or public networks without having to sit there with his laptop doing whatever shady shit he has planned.
Then an exit node is what you want. You can set up with vpn like wireguard using port forward on your side. The raspberry would connect using static ip or dynamic dns.
You can get tailscale basic tier for free, and that will provide an easy to use solution
There is also headscale if you want self-hosted, but its not plug and play like tailscale/zerotier and similar mesh-vpn solutions