How to create VPN to connect to home

Zerafiall · March 6, 2025, 4:24am

Trying to set it up so I can connect to my home network (mostly my SMB server) from anywhere. I’m familiar with the all the concepts of VPNs but not configuring one. So if anyone has a good “Everything you need to know about VPN configuration” tutorial, that would be best.

So… problem 1 is that my network is behind a NAT at my apartment complex.

traceroute to 4.2.2.1 (4.2.2.1), 64 hops max, 52 byte packets

 1  192.168.2.1 (192.168.2.1)  9.217 ms  4.680 ms  3.900 ms

 2  10.19.X.X (10.19.4.1)  5.148 ms  5.351 ms  4.466 ms

 3  65.X.X.X (65.155.1.193)  5.681 ms  5.909 ms  5.899 ms

 4  cls2-edge-04.inet.qwest.net (63.146.216.137)  8.690 ms  7.388 ms  7.797 ms

is my home router, 10, is my router’s external IP address, and 65.X is that I see when I got to “What’s my IP?”. I can’t modify the apartment router to send certain traffic my way, so I need to build a bridge from the external internet to my home lab (maybe spin up a PFSense but or something on my ProxMox). My thought is setting up something on Linode or something that holds open a constant tunnel to my homelab, then when I’m way from home, connecting a VPN to that Linode box. (Maybe even make a “Y” thing so I can use that Linode box for a proxy or DNS pi-hole thing)

img_virtvault · March 6, 2025, 4:24am

This is actually very easy if you control a Linux server behind the router gateway , you would use the server to connect to a to something outside the new to crated a tunnel to the service you want. This is pretty much how any major vender does it.

chauncybeef · March 6, 2025, 4:24am

If you are double NAT’d behind a router that you don’t control you are going to be severely limited. The only solution that I can think of would be paying for something like Hamachi.

Spinning up pfSense OpenVPN/Wireguard/etc. is not going to work since the port will not be reachable externally.

LeviathanFox · March 6, 2025, 4:24am

So, while I think this can be done, being double naked will cause you a few issues. I guess my question would first be if the apartment complex has an IT guy that would allow you to make a configuration change. Otherwise, you would need to use linked to configure a static route to your gateway at the apartment.

How do you get service, is there an ethernet jack that you use?

img_virtvault · March 6, 2025, 4:24am

Easy way would be to put up a free cloud I Sara even of a Linux machine and have your local system connect to it and it would be the tune you contol

2ViagaraPillsInTheAm · March 6, 2025, 4:24am

Have a look at ZeroTier.

aimannorazman · March 6, 2025, 4:24am

Or ztncui for unlimited number of clients