Running FG from hotel

[Myrdin Potter]

If you get the dedicated IP option, there is no need to forward.

[Bidmaron]

Myrdin, you spend a lot of time in China. Is that mainland or Taiwan?

[Myrdin Potter]

Mainland. Rarely in Taiwan.

VPN via hotel is hit or miss these days as they are more aggressively blocking VPN, but I can get it to work over my roaming cell phone ($10 a day unlimited data - AT&T).

[Bidmaron]

PM'd you so as not to bore everyone else.

[Valyar]

That doesn't sound very simple. What do you mean?

From all options available, this is the most simple, performant and cost effective one in my opinion. Having VPN subscription is OK, but it comes with limitations and depending on the protocols used by the provider, sometimes you might be unlucky and find that L2TP/IPsec port is closed on public networks, allowing only http and https protocols. There are hacks around that as well, but this is not the point
Another benefit of this approach is that you don't need to configure NAT, you can host games even if your ISP is total **** and breaking the regulations by not providing you with public IP or you are on corporate network...

So what is this solution?

• You need Linux box hosted somewhere, preferred location is somewhere geographically close to the players. Any cloud provider is (any flavor will work, you need the SSH server (sshd))
• Public IP on this box (can be static or dynamic, does not matter except for the costs of static IP that survives a reboot)
• Outbound traffic (so far I haven't found a network blocking SSH, in case this happens you can configure your SSH host to listen on 443 and you are done).

After you have the box, you enable port forwarding in the Linux server's sshd configuration file, because this is not allowed by default. It is single line change on the property GatewayPorts, AllowTcpForwarding and TCPKeepAlive from no to yes in your sshd_config file and you leave the machine running.

You connect to the Linux server over its public IP with the switch for remote port forwarding in your preferred SSH client. For example in Putty putty.exe -ssh -R 1802:localhost:1802 username@host. This command instructs the remote server to forward TO YOUR local computer everything on port 1802 over the SSH tunnel. In other words, the traffic is encrypted (because of the SSH) and only the Fantasy Grounds traffic goes over the tunnel.

Another huge benefit is that you no longer have the possible bottleneck cause by your VPN provider network - most of them tunnel everything through their network, which can reduce your bandwidth for everything - FG, Skype,Discord and etc, no matter how fast your physical connection is. With the tunneling over SSH, you only tunnel the FG traffic and use the physical link to its full extent possible.

In the end - if pay with your money for this cloud server, to get even cheaper in the long run, the following are good strategies:
1. Use free-tier from AWS - they give free EC2 instances of the smallest tier, which is completely sufficient
2. Use dynamic public IP, they cost less or nothing and it is not a problem to capture it every time you start the machine. Static IPs cost while they are assigned, used or not - does not matter.
3. Provision the smallest possible storage for the OS
4. Shutdown the server to reduce computing costs

If you wanna get really cheap - re-provision the machine before each session... This way you avoid the storage costs in the long run... at the cost of 10-15 min extra prep time before the session.

Looking at the cost of the public cloud resources, I believe it is cheaper compared to VPN solutions.

[Bidmaron]

I tip my virtual hat to you, Valyar. That is way complicated compared to port forwarding, but if I'm understanding you properly, it sounds more reliable. You still have to have a public ip v4 on the server, but that is the address of the server, as I understand it.

I don't recall this approach being discussed very much here, and I've been around a long time (although I had several long hiatus due to the Navy).

[Myrdin Potter]

I use the VPN for more than Fantasy Grounds. I hate surfing from a hotel without the VPN on.

I also don’f Use Linux much, so your not so complicated solution is a lot of googling for me.

[Valyar]

Bidmaron, yes, the cloud server must have public IP to which the clients and you connect during session.

And... I find this solution extremely simple - first because I am infrastructure guy and this is what I do for living and second because it does not require any 3rd party software to be installed and mess up with your machine (especially if corporate device that you manage and you are admin on it). SSH client is embeded in Linux/Mac and for "Linux native" experience in Windows you can go with Linux Subsystem for Windows in Windows 10. I go with the industry standard PuTTy, which is safe.

And this tunneling over SSH is alternative ONLY if you are in situation where you don't have control over the network infrastructure and need to have workarounds. When you are at home it makes no sense.

Unless you have dynamic public IP (some providers charge extra for static) and you host a lot of games - then it might be preferable as players will be able to re-use their saved session in FG and connect to the same location every time. Just put static IP on the Linux box.

I use the VPN for more than Fantasy Grounds. I hate surfing from a hotel without the VPN on.

I also don’f Use Linux much, so your not so complicated solution is a lot of googling for me.

I would argue about "a lot", but I completely understand that what works best for you is not what might be the best for other people.
If your VPN solution works for you - stick to it.

[LordEntrails]

From all options available, this is the most simple, performant and cost effective one in my opinion.
...
Looking at the cost of the public cloud resources, I believe it is cheaper compared to VPN solutions.

I think the point of Bidmaron's comment is that it's not a simple solution unless you have specific knowledge.

I have a little experience building servers, both the hardware and the operating system and applications. I have a little experience configuring small networks. I have a little experience with virtual computers.

Looking at the outline of what your solution requires would not be a simple task for me. And I have more network and administration experience than most FG users.

I have no doubt your solution is a great solution, and if you have specific knowledge and experience is easy to do. But its not a simple solution for most FG users

[damned]

https://www.fantasygrounds.com/forum...d-Alternatives
Its the last option in my list.
The link has a step-by-step of how I setup a SSH tunneling server for FG.

It does require a few steps to setup - but is very easy to use after that and rarely blocked by FWs.