Remote access/ Behind a NAT

I am very new to all of this so please forgive me.
i can access remotely on same home network but outside of home on say xfinity hotspot or my phone’s hotspot, i can’t remote in to my server. Tried following along from another forum here, seems NAT is my issue and a SSH tunnel would be the easiest way to deal with that. After attempting to follow along and alter the tlclient.conf file and messing with host_aliases im officialy at wits end and would just love to talk to anyone who knows what simple little thing im doing wrong or missing. ports 22, 300,9000 for thinlinc are forwarded in my xfinity gateway. ufw is enabled on both my server and my laptop which is running the exact same ubuntu instance, and the same ports are allowed in ufw. I can connect to my server via a ssh connection… like log in and run updates but my knowledge has so far been scour google for hours and trial and error. Any help and understanding would be greatly appreciated!

Hello @garrom, and welcome to the forum!

First of, sorry for letting you wait this long for a response from us.

I think the easiest way forward for you is to set up HOST_ALIASES.
This set up requires three steps to be taken.

    1. Configure HOST_ALIASES in ~/.thinlinc/tlclient.conf
    1. Start an ssh tunnel from your laptop to your internal server (over the forwarded port in xfinity)
    1. Connect with ThinLinc client, utilizing step 1 and 2
  1. Configure HOST_ALIASES in ~/.thinlinc/tlclient.conf

Replace with the actual internal IP address of your Ubuntu server.

Save tlclient.conf and exit

  1. Before launching ThinLinc client, set up the ssh tunnel to your internal server from your laptop:
ssh -L 2222: username@your.public.ip

Again, replace with the actual internal IP address of your Ubuntu server. Also replace your.public.ip with the public ip address of your xfinity router.

  1. Start ThinLinc Client. For the Server: field, you’ll enter the internal IP address of your Ubuntu server.

This connection will now look up the HOST_ALIAS parameter in tlclient.conf, and utilize the local tunnel on port 2222 to reach your internal server at.

Kind regards,

1 Like

Thank you so much! I thought I had it figured out when I downloaded tailscale lol! But for whatever reason my cruddy HP laptop from Walmart, I installed Ubuntu on just dislikes me for doing so. Ive even tried reinstallaling windows and I just can’t no matter what I try. But thats a problem for another day lol! This is working and I’m so frickin happy!