I’m a beginner in networking things but due to my ISP I can only open a certain range of ports in my router to be accessible from the outside of my network (something like ports 11000-11500).
That means I can’t open port 443 to access my reverse proxy from the outside. Is it possible to redirect all traffic that’s coming from one of the ports in the range to port 443 of my server?
I haven’t found that possibility in my router (Fritzbox 7530) so is there a way to do this on my server (running Fedora Server)?
that honestly had me wondering just how the FritzBox knows the ISP doesn’t allow it, but that’s a different topic
Because the Fritzbox uses a DS-Lite tunnel.
Because the Fritzbox uses a DS-Lite tunnel.
Thanks, that pointed me in the right direction!
If I’m understanding https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-3490/1611_What-is-DS-Lite-and-how-does-it-work/ and https://superuser.com/questions/1301857/using-pcp-port-control-protocol-in-practice correctly it seems that it’s technically via PCP (Port Control Protocol) that this is known, rather than DS Lite per se, but also that PCP only comes into play here because DS Lite is being used.
(Why point out the distinction? For future readers. I can imagine some braindead ISP somewhere (likely a super cheap reseller) offering DS Lite but then not knowing about PCP, and either not offering port forwarding at all - or they do but you have to fill out a form and snail mail them and then they snail mail you back a printed letter containing a list of port mappings.)