I currently have a server running Unraid as the OS, which has some WireGuard integration built in. Which I’ve enabled and been using to remotely access services hosted on that server. But as I’ve expanded to include things like Octopi running on a Pi3 and NextcloudPi running on a Pi4 (along with AdGuardHome), I’m trying to determine the best way to VPN to my home network with the goal of reaching services I’m hosting, and do it safely of course.
I have a Netgear Nighthawk that has some VPN functionality built in that uses a OpenVPN account. Is that ok or would it be advisable to come in a different way?
Plug your pies into wireguard. Problem solved.
I’ve seen a lot of descriptions of Tailscale but still have no idea what exactly it does. I get that it uses Wireguard, but what differentiates it from a typical VPN setup? NAT traversal?
Doesn’t tailscale retain closed source for the coordination server?
I think nebula mesh is totally open and you can run your own coordination server, lighthouse?
Nebula would need static IP, TS can do that part for $
Everything but the coordination server is open source. But you can selfhost this part yourself: https://headscale.net/
Tailscale is a service that relies on a third party to facilitate the VPN connection between your client and server. It is designed for people who don’t want to or cannot forward ports. Your server and your client both talk to the Tailscale servers and traffic is routed that way.
I think openvpn works completely fine for most use cases and didn’t have any trouble with it at all. I did however switch to wireguard on my gateway and I get a little better throughput compared to openvpn. That being said, I’m also using a pfsense box as my home gateway, so access to internal services has been easy as general routing gets.
Pivpn
Any reason the VPN can’t stay as-is? Unless you don’t want it on the unraid box at all anymore. But going to unraid over VPN then out the rest of the network from there is a perfectly valid use case.