Access to Syncloud server behind CGNAT IP address

I am using StarLink. What I found is that StarLink provides CGNAT IP address and not public IP address. From my research appears that more and more ISPs are going this route due to the limited availability of IPv4 addresses and not wide enough adoption of IPv6. My question is can Syncloud handle this situation and how? I would assume, I am not the first and only one who is in such situation.

What is a recommended solution? I have found so far couple of suggested approaches: using VPS with public IP, or VPN service that can provide public IP. What are your thoughts on those approaches? Is there a better solution for Syncloud? I noticed now Syncloud provides OpenVPN app. Could the VPN app be used to create a tunnel to the Syncloud server and be used to bypass the CGNAT IP issue? If so, is there a How To on configuring Syncloud with OpenVPN app for such purpose?

Thank you very much for your help and guidance.

Tailscale worked for me.

The lack of ipv6 on Starlink is really frustrating and I had to switch back to old school broadband because of that. I hope it will come eventually :frowning:

@janseta if you have done something like this could you share a bit more details on high level procedure?

@janseta please share some more details on what did you do. How are you using Tailscale?

Thanks a lot!

My advise is:
1 - make a gmail account specially and only for sigin in tailscale.
For example:
2- Get in Tailscale and make an account using that gmail account.
3 - Install Tailscale in raspberry
4 - install Taiscale in Windows, android devices, mac, etc

You can find many tutorials about installing Tailscale.
This is one, well explained:

and this is another:

Thanks a lot @janseta! These are nice guides. I will try to implement Tailscale in my case and will report here my achievements and findings.

Hi @boris, I am still struggling to bypass the CGNAT but meanwhile seems StarLink started assigning IPv6 address along the IPv4 CGNAT address. I see now my Router shows this IPv6 address: 2605:59c8:400:5cc8:4262:31ff:fe08:5b1b/64 as assigned through DHCPv6 by the provider (StarLink).

I do not know enough about IPv6 yet. Is that a good, legitimate IPv6 address that could be used for accessing my Syncloud server? If so, could you point me to a Wiki or provide some guidance how to setup my Router (OPNSense) and Syncloud server to work with IPv6. I am not sure if this IPv6 address would be changing regularly over time as the IPv4 Dynamic addresses do or it is more like a static address? Any help and guidance in this direction will be greatly appreciated.

Thanks a lot

Great, ipv6 is always static public ip and you usually get a range of them for you to use.
Try to enable ipv6 support on your router if it is not already enabled, you can google opnsense (I never used it myself). Then check Syncloud - Settings - Network if you have ipv6 address there. Also enable external access Settings - Access and check ipv6 only.

If not secret which country are you from? Last time I checked In UK starlink was not giving ipv6.

Thanks @Boris! I am in USA and noticed the IPv6 address just a few days ago. Before I was getting only something called “IPv6 link-local” address but not the actual “IPv6 address”. It must be a new thing and I have not heard anything official, just see it in my router info. Not sure even if it is officially supported yet. This is why I asked if it looks legitimate. :slight_smile:

On the configuration side of things. Do I still have to configure the Router to forward the port 443 to the Syncloud server? Is the concept of ports same in IPv6 as in IPv4? I guess also need to configure the local Router DHCPv6 to assign IPv6 address to the Syncloud server, right? Anything else that I need to take care in regard to the IPv6 beyond what you already mentioned above?

I hope, I will be able to play with that over the weekend and will report here any results and findings.

Thank a lot for your help!

Nothing special on device as long as router assigns ipv6 to Syncloud device it should be enough.

But again I do not have ipv6 to test right now, but last time I had everyhting was working ok. I think many users actually have ipv6.