To be a contributing node on the network I understand you need to enable access to port 3414. https://forum.grin.mw/t/how-to-open-port-3414-and-why/7825
I setup a headless computer with Ubuntu 24.04 server and wireguard vpn via ProtonVPN. The ProtonVPN enables port forwarding https://protonvpn.com/support/port-forwarding but it seems there is a catch: They don’t let you specify the port (3414) and won’t tell you which port they enabled. I have no way to know. Additionally, the port they enable for connection can change every time you connect. I know ProtonVPN is not the only VPN with this problem. My grin node starts at boot but only has outbound connections… I understand this to mean that my node could be useful as the place for me to connect my wallet, but it is not contributing to grin network security.
Has anyone solved this problem that would be willing to tell me how to make this work. I would like to allow inbound connections to support the network.
From telegram ardocrat;
P2P server has no proxy support, need to rework it for Tor peers support as well.
With Tor peers it will work with VPN, cause Proton is not your own server with nginx to forward
Same case for mobile, without fixed IP, your ISP will not let you to launch server very likely
You could set up tailscale to use a wireguard network and allow ingress without having to open any ports.
I looked into this some more. If you use a linux computer with a desktop you can use the desktop Proton VPN App. It establishes a wireguard vpn connection with a random forwarded port tells you what the forwarded port is. You can then very easily enter that port ID into the grin-server.toml file before you start grin and it works (inbound and outbound connections are established).
My problem is that the the headless server does not have a GUI so I can’t use the actual app. I have to use wireguard app with proton VPN parameters. It properly establishes the VPN connection and forwards a random port, but I don’t know what the random forwarded port is. It means I can’t tell the port to grin before I start the node. Unfortunate.
As I understand it, I don’t actually strengthen the grin network if I run a node that does not accept inbound connections.