Going on a two-week vacation. Usually if I want something from home, I have a series of reverse SSH connections, etc… I get by.
But now I have a few Pi webcams and would like to be able to check in on things. Plus the SSH connections are a little labor intensive.
If I forward a port on my Wi-Fi NAT device to a VPN point on the internal network, is that all I would need? Recommend Tailscale, plain WireGuard, OpenVPN?
I prefer a plain WireGuard instance because I don’t want to rely on a 3rd party provider.
I set up the WireGuard instance myself, but there is also the wg-easy Docker container for a simpler setup. It also comes with a UI to manage keys.
Note: do not port forward the UI. Only port forward the WireGuard instance. Once you are inside your network you can use the UI if you want to manage keys from outside your network.
All you need to do is port forward the WireGuard instance. WireGuard also doesn’t reply back on the port unless you have an access key, which is good from a security standpoint because no one can detect it’s there.
Hope that helps
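
The single-port setup described above, as an added example that is not part of the original post: a plain WireGuard server at home and one client. The tunnel and LAN subnets, the interface name `eth0`, the hostname `home.example.net` and the key placeholders are assumptions; the router forwards only UDP 51820 to the server.

```ini
# ---- Home server: /etc/wireguard/wg0.conf (start with: wg-quick up wg0) ----
# Key pairs are generated per device with: wg genkey | tee privatekey | wg pubkey
[Interface]
# Constructed tunnel subnet; pick one that does not overlap your LAN.
Address = 10.8.0.1/24
# The only port forwarded on the router, and it is UDP, not TCP.
ListenPort = 51820
PrivateKey = <SERVER_PRIVATE_KEY_PLACEHOLDER>
# Let tunnel clients reach LAN devices (e.g. the Pi webcams) through this host.
# eth0 is an assumed LAN interface name.
PostUp = sysctl -w net.ipv4.ip_forward=1
PostUp = iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

# One [Peer] block per client device; delete the block to revoke that device.
[Peer]
PublicKey = <PHONE_PUBLIC_KEY_PLACEHOLDER>
# The server accepts only this tunnel address from this key.
AllowedIPs = 10.8.0.2/32

# ---- Client (phone or laptop): imported into the WireGuard app ----
[Interface]
Address = 10.8.0.2/32
PrivateKey = <PHONE_PRIVATE_KEY_PLACEHOLDER>

[Peer]
PublicKey = <SERVER_PUBLIC_KEY_PLACEHOLDER>
# Public IP or dynamic-DNS name of the home router (assumed hostname).
Endpoint = home.example.net:51820
# Split tunnel: only the tunnel subnet and the assumed home LAN go through the VPN.
AllowedIPs = 10.8.0.0/24, 192.168.1.0/24
# Keeps the NAT mapping alive when the client sits behind carrier or hotel NAT.
PersistentKeepalive = 25
```

With wg-easy, the same rule applies: the router forwards the WireGuard UDP port only, and the web UI port stays reachable from inside the network or through the tunnel.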
Look at the ZeroTier and Tailscale options.
I found no issues so far.
I’m using Ubiquiti’s Identity Enterprise’s free plan, but most likely will pivot back to WG or explore Tailscale. I like IE because of the “one click connect” and how easy it was to set up for friends/family, but the 5 seat limit is pretty limiting. I also went with IE mainly because I just wanted to try it out for a little bit under the free plan.
I use OpenVPN as it offers good security for what I need. I can have a “fat” client that will connect to my home network (Mac, PC, mobile, whatever).
It only uses HTTPS so that’s the only port I need to forward, and as I run these things in my DMZ no access will be granted to my home network even if OpenVPN wants access (I still have to manage firewall rules in my firewall).
I find the OpenVPN turnkey appliance to be quite good if you can run VMs.
I’ve run plain WireGuard for years now. It’s easy, fast and reliable. Never had an issue.
I use Home Assistant with the WebRTC integration. I pay the 5 dollar monthly for remote access, but you can just VPN for free. Then it’s all in an app on your phone with minimal fuckery. The WebRTC integration is kinda glitchy sometimes but we make do.
Helps a ton. Thanks!
Yes, I totally prefer not relying on a 3rd party, tho I might, just to get thru this first trip.
Awesome, thanks.
Am I right about just needing a single port fwd on the external IP?
Sorry, this is all new to me.
I second Tailscale; it’s stupidly easy to set up. Very happy with it thus far; been using it for around a month.
Left wg-easy on while I headed out the door, hope I can get the client side figured out from here lol.
Via SSH I do still have the ability to flip the admin on and off, so hopefully that is enough.
Try wg-easy if you have Docker already set up, as this is a self-hosted solution vs 3rd party.
It is very simple to use and shouldn’t take long to set up. After it’s set up, all you need is the WireGuard application to connect. The UI has a QR code you can scan to add the key to your device (mobile), or you can download the key and add it to the WireGuard application (computer/any device).
Hope that helps.
Tailscale doesn’t need any port forward. Just set it up by method of choice (I dumped it on a Windows VM I have always running anyway, and it’s stupid easy to set up this way), set internal subnet forwarding or whatever it’s called, and set authentication to never expire for that machine in the web UI. Instant path to internal things. Use it for Immich and it’s dead simple.
Ahhhh, makes sense - thanks again!