How to bypass CGNAT using a VPN to access my web server.

I setup a webserver but my ISP blocks port forwarding because I am using mobile internet. The ISP is CGNAT. I need port 80 open

I heard if i setup or use a VPN server i can link it to my webserver then my website will be visible to anyone?

How exactly does this work?

Where is the VPN located beside my webserver? In my house? or on the internet somewhere?

How can i get more information on this, My skills are good i can set this up but need help
 
Yes... but no? It has to do with your second to last question.

Also as a side note, I've not looked at the rules in forever so I hope I'm not about to break one.

So, you'd need to have another service (another machine on another ISP or virtual hosting which allows you to run programs/VPNs to) to run the other endpoint on. Think of a VPN as a service (software running on a machine) that allows something else to appear as a local device, either routed or broadcast (on the same switch with no routing) Hence the name:
Virtual, runs on top of something else,
Private, explicitly between places and encryted
Network, ... ummm connecting two or more machines.


1. I just remembered that there is the "Privacy" "VPNs" (I have reasons for the quotes) everyone advertises today which may work in this situation too as they are mostly for shifting your traffic. There are gotchas though:
2. Make sure the VPN provider offers port forwarding.
3. I don't know if they'll allow you to select the port you get - AND 80 is the standard web point, you'll be sharing this IP address with many others and if they allow you to pick and get 80, it might already be taken.
4. The address you get will change so you'll need to know the new address often, and while DDNS is a thing, there will be a delay in how quickly it updates.

For example, I have a friend that runs plex but also uses one of these services. When they do, their plex server goes offline. They told me their VPN allows port forwarding but he was getting confused.
What I setup was he gets the port and I use a program (really old) that forwards from one port/ip to another and set the random port he gets to the plex server port. Plex updates the IP on the service and it comes back. He doesn't get to choose it and has to tell the little program what the new port is whenever it changes but he's okay with that.
 
I think you are SOL. Most off the shelf privacy VPN services are going to have pre configured locations that are used by all of it's users, they aren't going to allow you to hijack port 80 to host a website via a node that thousands of their users are using.

You might be able to make something work if you have hard wired internet service someplace you can configure your own VPN and router at. But at that point just move your webserver there. Even then most point to point VPN solutions I have used need to have some sort of ports forwarded.
 
1. Build a VPS on AWS, AZure or Oracle cloud (pretty sure oracle still has a free option available for a 6 core arm derivative)
2. Setup tunnel between home and vps
3. Forward from VPS to home
 
