hello all, I have a simple question. I dont have a router. i connect to the internet through a usb dongle (wwan0) or through hotspot from my android phone. i want to be able to view my web server outside my local network... i have apache server running on my local network in germany and i want my friend in france to be able to view it if i give him my external (public) ip address. how do i configure the NAT Gateway, Iptables, Port Forwarding, DNS And DHCP Setup, etc to be able to achieve that? my operating system is kali linux rolling edition (2016). if its not possible (which i doubt), is there a software i can use to be able to achieve that? My goal is to allow someone outside my home network to view my webpage on port 80. thanks

You run web server on Kali? I was thinking I've seen it all ...

Alright, technically, I want to be able to do a metasploit reverse_tcp over the internet. I dont know what to set as my LHOST. Thats the beginning of my challenge.

You need to provide a lot more detail on your network setup.

A USB dongle that connects to what? And if you're connecting through a hotspot generated by your mobile phone, then your mobile phone IS the router. If your mobile phone doesn't provide a way to set up port forwarding to devices connected to its hotspot, then you're out of luck, but even if it could you're probably still out of luck because the IP your phone has on the mobile network is most likely a private IP on a NAT generated by your service provider and is not publicly routable anyway.

The usb dongle connects to a 4g network, i use a prepaid sim card (just a normal internet surfer). my mobile phone is a samsung running on android marshmallow. If my IP is a private IP on a NAT generated by my service provider, is there any other way around it? What I want to achieve is running metasploit reverse_tcp over the internet and my LHOST (local host) is required. I've been using my internal IP for that, withing my internal network.

Well first you need to find out if your mobile broadband provider gives you a public or private IP. In my experience the majority are private, but you should be able to find the address assigned to your machine (usb dongle or android phone) and compare that to what you get if you go to www.whatismyip.com. If it is private, you'll need to call the provider to see if they have an option for purchasing a public IP instead, some do but you might need a business account for it.

If you just need to connect from a single machine, rather than from anywhere, then you can open a reverse ssh tunnel to that machine connecting your local port 80 to some port on that machine. At which point you can open a browser on the other machine machine, point it to localhost : port, and it will connect to your machine's http server through the ssh tunnel.

thanks @suicidaleggroll its a private IP. I'll go with the ssh option. Later on, when I have the money, I'll contact my ISP and do the necessary things.

I'll mark this thread as solved.