How to use pi1.domain.com and pi2.domain.com instead of router.domain.com:8001 and router.domain.com:8002?

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

XIII

Very Senior Member
In my current network setup I have two Raspberry Pi's behind my router, that I want to access from all over the world using SSH (yes, I know many people consider this unsafe and I should use OpenVPN, but let's leave that for another discussion for now).

I have opened two different ports on my router and forward those ports on the router to the Pi's:
  • port 8001 on router -> port 22 on Pi 1
  • port 8002 on router -> port 22 on Pi 2
Additionally I own a domain name and have set a DNS record for the subdomain "router" to the IP address of my router.

Thus, I can access the Pi's via these addresses:
  • Pi1: router.domain.com:8001
  • Pi2: router.domain.com:8002
What I would rather want is this:
  • Pi1: pi1.domain.com
  • Pi2: pi2.domain.com
How can I achieve this, if at all?

Someone suggested me to use nginx as a reverse proxy, but many posts on the internet state this cannot work for the SSH protocol because domain names are not included in requests.

How do I get this to work?
 

PeterR

Regular Contributor
I don't know if you can proxy SSH, why not use a VPN tunnel?
 

XIII

Very Senior Member
Can you please describe the VPN tunnel part?

(I'm not sure I have sufficient knowledge to understand what you mean without some explanation)
 

PeterR

Regular Contributor
Setup a VPN server running either on your internet router or one of the rpi's (I use wireguard on one of my SBC's). When you connect from your remote host to the VPN server effectively you are on your home network.
 
Last edited:

XIII

Very Senior Member
I did not get that to work using OpenVPN on iOS devices in the past, but maybe I should try that again now.

Thanks.
 

Dabombber

Senior Member
Obviously a VPN would better etc, etc...

Otherwise, the only way I can see it working like you want is if you have multiple IP addresses. Using IPv6 would make it easier, but you'd be relying on both locations being IPv6 enabled.
 

juched

Senior Member
You either need a proxy (something listening on port 80 which can be smart enough to forward to the correct PI) or separate IPs, not really available on residential ISPs mostly (and even if you did, you would need a router which can support port-mapping from different IPs).
 

ColinTaylor

Part of the Furniture
What is the client software you are using? You said you want to connect to the Pi's with SSH.... so that's not web (port 80) traffic.

So you will currently have configured your SSH client to use port 8001 instead of the default port of 22. So I don't see what the problem is.
 

XIII

Very Senior Member
Indeed. The person telling me to use nginx was only using web traffic; he misunderstood that I want to proxy ssh traffic, while I was pretty specific about that.

Clients? (for SSH & SFTP)
So you're right, once configured I don't have to type the port in any of these clients.

However, whenever I want to configure a (new) client I need to remember specific port numbers (I use harder to remember numbers than 8001 and 8002 IRL) instead of simple domain names.

No big thing at all, but if it was possible it would be nice (to implement & learn something new).
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top