Trying to host a Minecraft Server (Help!)

I have a very interesting use case for Tailscale.

Long story short I am using a shared network that restricts me from using port forwarding or accessing the router settings at all. (Basically, an institutional network).

I was able to get my server hosted on Lan, but nobody on the internet could connect to it (due to prior stated institutional network).

I tried using ngrok, but it only supports TCP and Minecraft Bedrock servers require UDP. After a lot of research I found tailscale. I tried to get it configured to broadcast this server to the internet but I am having issues.

I want to host a Minecraft server on my windows computer (client-1), tailscale is set up and connected.

I have an ubuntu VM on google cloud set up as an exit node (client-2).

client-2 is selected as the exit node for client-1, and searching my IP shows the google server IP.

I try running the server software using port 19132, and I try connecting to it from outside the network, I fail to connect.

Reason why I’m trying to do this:

Can’t portforward but my rig is strong enough to run the server to the specifications I want, would rather not pay for an expensive rig to host it externally. IS there anything I can do to force my server to run using the client-2 connection?

I don’t think you need the exit node. Here’s a way that you might be able to do it.

Windows Server and Ubutnu VM are on the same tailnet, and firewalled such that Ubuntu can connect to Windows. Nginx Layer 4 Proxy on Ubuntu catches traffic on the relevant port and proxies (i.e. forwards) the connection back to Windows over the tailnet. In this case you could run your server on the default port even, and have Ngnix listen on a different port. Nginx:port1 → forward → Windows:port2.

I think this with sort of setup, if you wanted to host multiple Minecraft servers behind the proxy you’d need to do some DNS work, but for a straight 1:1 proxy, you could do it with IP addresses on the tailnet to keep it simple.

Since you are looking to route traffic into a locked network, you’ll need some sort of proxy to redirect the traffic. There’s a chance you could do it with Bungeecord as well.