You run the script and it makes it dead simple to set up either a WireGuard or OpenVPN server on a Raspberry Pi. Once the setup was complete, I installed the WireGuard app on my cell phone, imported the profile PiVPN generated for me and I was up and running.
Now I have my phone set up so it automatically VPNs into my house whenever it’s not on my home WiFi. When I’m on cellular data, I am VPNed into home. When I am on work WiFi, I am VPNed into home.
Now I can ssh into servers in my house and fix the Plex server when my wife calls to tell me there is a problem. And I can stream music from my house to my phone without needing to forward a port.
Very happy with this setup.
I have a VERY OLD PC running as a Linux server in my house. I’m slowly replacing the services running on it with 4 GB Raspberry Pis.
VPN usually has a bit of a performance problem. I’m currently using ZeroTier, which provides a secure virtual LAN connection to all your devices. A few minutes to set up and bango - you can talk to home systems as though you’re there. Client apps available for most popular platforms. Free for personal use. https://my.zerotier.com/
It is extremely useful when your work Wi-Fi blocks social media and messaging apps. But the speed is disappointing. I ran speed tests on my RPi 3B+ using OpenVPN and then switched it to WireGuard on a 100mbps (edit: up and down) Internet connection. I get that there is overhead to it all. I was getting about 10mbps with OpenVPN, and 11mbps with WireGuard. That hurts.
I use no-ip.com for my Dynamic DNS. It’s free if you don’t mind having to click through a reminder email every month.
Yes, I need to port forward from my router to the Pi running PiVPN. But that’s all I need to port forward. I don’t need to port forward any other devices on my network any more.
My previous exposure was http to my ubuntu-server, https to my ubuntu-server, whatever ports Plex forwards via UPnP, and my Home Assistant box. So, I had 4 things exposed. Now, I just have one thing exposed: the PiVPN.
I was working on getting everything behind a reverse proxy, but this is less work.
One easy solution I can propose is to set your DNS at the router level. So every device basically contacts your router for DNS resolving by default and your router forwards it to your Pi-hole device. Works flawlessly for me.
The only real drawback is that you can’t monitor individual device requests in Pi-hole, as all requests look as if they come from the router.
This in consequence also works with devices that are connected to your home network through VPN.
I use Dynamic DNS and set everything up by DNS name. I’m paying for EasyDNS, which costs $20 a year for my plan. But my router also offers dynamic DNS for free through Netgear.
I use noip.com but I am not sure I need it. My IP address hasn't changed in years. I got it thinking all residential IPs change, but apparently that isn't the case.