by Evan Gargiulo
on January 13, 2023

a Virtual Private Network (VPN) is a great way to achieve server access from outside your home, but in a more private way. my last post was about server access through cloudflare tunnels, which is awesome, but sometimes your use case may not call for that.

for example, a CF tunnel is great for general access to a specific service on your server. however, if i want to expose more of my server, the tunnel is a poor choice since it has a single endpoint. or, maybe i want to be the sole person who has remote access and dont care about anyone else. enter the VPN.

VPNs are not a privacy tool – i want to emphasize that now. the purpose of the VPNs i am talking about in this post is access to your network when you are not at your house. sometimes you have many assets at home and you need to access them all at once. or maybe you dont want things exposed to the internet but you want to be able to manage them remotely. this is why you would use a VPN.

the VPN of choice for many people going forward is Wireguard. it used to be OpenVPN so you may hear a lot of talk around that protocol, but it is being surpassed by wireguard and will soon be replaced by it completely. wireguard is amazing for many reason which can get technical, but for simplicity’s sake i will tell you wireguard is a lighter protocol and therefore faster.

the reason i run wireguard is due to the wg-easy container. whether you run it through docker or truenas, wg-easy is stupid simple. and it just works, much like CF tunnels. if you have never worked with VPNs or wg-easy before, i wil show you how simple it is.

on the server, you install the wg-easy container and are greeted with a web dashboard which looks like this:

see how simple?

the sliders allow you to temporarily limit access, there is a QR code button to add a tunnel, a download button to download the conf file, and a delete button. thats it. to add a client, all you have to do is give it a name and wg-easy does the rest.

on your device, like a phone, simple download the wireguard app and to gain access to your home network, point your camera at the QR code and bam! you now have access. there is a slider button to turn the tunnel on or off, and once its on, you can go to addresses like 192.168.1.X as if you are sitting on your couch connected to your wifi. the best part is its 100% secure so you dont have to worry about anyone snooping on you, so typing in passwords are safe and management of sensitive data is no problem.

im sure you can see where this comes in handy. i use both CF tunnels to open traffic up to the entire internet (like this blog) as well as a wireguard VPN for stuff thats just for me and i dont want anyone else to be able to see.