Employer has blocked VPNs and all ports apart from Port 80 and 443

I want to access services on my home network and my cloud network from work.
My employer, however, has blocked outgoing VPN connections and all ports apart from ports 80 and 443.
What are my options here? Are there any services I can use to bypass these blocks?

I set up my own VPNs on ports 80 and 443 just to get around this issue. Works great for me.

I never understand why people consider company IT as the enemy. Engage with them. Describe what you’re trying to do and ask your IT team if they have a recommended method for doing what you’re doing or if they can make an exception for you.

The worst that’ll happen is that you’ll get a reason for why the network is set up as it is. I would suggest the worst thing you can do is try and subvert the intent of any controls without permission. Not wanting to lecture, but it’s generally a fast track to a disciplinary at best.

To answer your question without context, if TCP/443 is open to anywhere, just run a VPN server (SSTP for example) on TCP/443.

To add context, even if the network allows it but your AUP says “no VPNs”, you may still be on track for a disciplinary even if it all works and you’re not bypassing any technical countermeasures.

Your call, OP. My approach would be to talk to your IT team. If you’re running into issues, it’s probably because they’re trying to rob you of the rope with which you’re trying to hang yourself.

I want to second cautioning you about violating the rules of your workplace.

To answer your question though, look into ZeroTier.

Reverse proxy.
I use HAProxy.

Maybe you should be asking yourself (or Reddit) why your employer would want to block everything but web traffic. This is likely information found in an acceptable use policy, along with the repercussions of circumventing it.

You shouldn’t be accessing anything on your home server using your employer’s network. Not even through a VPN. Mobile hotspot or public wifi first. Using company resources this way, you can shoot yourself in the foot.

Why do you need to access your personal network at work? Knowingly bypassing blocks is a recipe for termination.

IP over DNS? Slow as hell but rarely blocked.

Throw all your public web services, including Guacamole, behind nginx on 443. Don’t VPN on your work PC, or if you ABSOLUTELY must, it would be worth trying to use the same kind of VPN appliance your work does so you don’t have to install anything (e.g. set up an ASA at home if your work uses Cisco AnyConnect).

Chances are your domain gets blocked by Umbrella/BloxOne anyway for being relatively unknown.

SSH tunnel on port 443

Your option #1 should be not getting fired for violating company policy you seem to be well aware of.

Run a hotspot on your work PC, then connect to it on your phone and run the VPN there.

This way you won’t be accessing your home stuff from work desktop itself.

Expose Nextcloud or code-server from your home network using normal HTTPS 🙂
You can use ngrok or localtunnel (both are npm packages) ON YOUR HOME SERVER and just connect to it from your work computer.

Terrible advice on this thread. Do not do this!!! Your company is blocking this for a reason. You are creating an unmonitored backdoor into your company’s network. At my company you would be fired. What possibly gives you the right to bypass security that your company clearly has there intentionally?

I use Guacamole to access a remote computer.

Look at TrueNAS Scale, TrueCharts, traefik, cloudflare.

That should get you 90% of the way to doing whatever you want. Specifically, check out the TrueCharts YouTube videos. Even if you don’t go the TrueNAS route, it would still give you some idea as to what you could spin up on your own. And if you don’t like the ecosystem, you could use Docker to run the containers on a Synology NAS, or run a bunch of VMs in Hyper-V.

PM me, I can give you limited access to my system and you can poke around to see like 5% of what you can do if you’re a little tech savvy and have an extra hour a week every once in a while (warning: it’s a dangerous rabbit hole). 10 years ago I spun up my first real home server; now I’m hosting 1g u/d, Nextcloud, TrueNAS w/ 70TB of storage, LDAP, TeamSpeak, Matrix, Prometheus, Grafana, Mealie, and on and on… All with valid certs, all on strict SSL (443). All that is hosted on TrueNAS, which additionally hosts Traefik (reverse proxy) and cert-manager (gets my certificates signed automagically), plus Home Assistant for home automation. All behind a pfSense box that scrubs about 99.99% of all ads coming in through browsers and the such, and allows me to pretty strictly limit network access while still running a mesh network in the home that runs a couple hundred IoT devices: a personal, internal wifi for friends/family, and a closed guest network so that guests can access limited features of the house but not core features/functions (they can turn lights on/off, watch TV, get local notifications; we use this mainly when hosting and having guests with a plus one, or older children. I can tell Home Assistant to turn it on for X hours, then it kills it). And then there’s an open guest network which we use when hosting larger events (like several full families, but we’re mainly outside or something) where they have internet, but no house access. I can also grant temporary passes to people with smartphones so they can look at/unlock doors (helpful when someone is watching the house while we’re away)…

Your options are to do your work at your workplace and not homelab stuff. And when you need a service like a password manager, then either open port 443 and serve the service on that port, or use Cloudflare Tunnel to publish that service.

I recently faced a similar issue where my school network basically blocked everything, especially VPN connections. I found that Tailscale is the solution as it bypasses all the restrictions. Simply host it on a server and you can connect to it from any device.

Why are so many answers useless “you shouldn’t”s, and why is OP getting downvoted for addressing answers that don’t answer his question?