Remote access to home network CGNAT

Hello all,

I was wonder what would be the best solution to having remote access to VM’s and media server. Wireguard or OpenVPN? I do have Pfsense running behind the ISP router to create and manage VLANs.

I am really out of my depth with this.

Thank you.

First option I would try is to contact the ISP and ask for a public IP. Some do it no questions asked, some charge a monthly fee, others won’t do it all all. But it doesn’t hurt to ask.

Assuming you are stuck with CGNAT, hosting a VPN server at your home will not work, as it’s not reachable from the internet. I see two options:

  1. Rent a VPS. You can host your VPN server there and your home router will connect to it as a client. All other devices (laptops, phones, etc) can also connect as clients. You can setup the routing such that resources behind your home router can be accessed from the VPN clients.

  2. Use an SD-WAN service like Zerotier. This solution is probably more limited, given that you can do much more with a VPS than use it as a middle man for a VPN, but it may be easier to setup. And there may be free options as well.

I guess I forgot to mention, I do have a VPS. I tried to setup Wireguard on the VPS and Pfsense box.

Wireguard on the VPS is the peer, correct? I think I am not getting the keys and routing correct.

Thank you for you response.

Sorry, can’t help with Wireguard. I don’t have any experience with it.

If you own a QNAP nas they have a solution that allows you dial in to your NAS and presumably your network.

I have a FreeNAS box, I know I need to upgrade to TrueNAS. It was just an old desktop collection dust.

Thank you for the response.

I did watch this video again. I’ll try to set it up again when I have access to the Pfense box.

I was able to get a wireguard connection from a VM to the VPS following Tom’s post.

So you were able to get Wireguard to work by making its traffic bypassing Pfsense?

Sorry for the delay in responding. I am not using wireguard on Pfsense. I am using a VPS to connect back to my home network with wireguard on the VPS and on a VM.

No worries, I didn’t expect a reply right away. I was just curious and a little confused. So I watched the video you linked, which talked about Pfsense and Wireguard. When you mentioned the setup guide Tom created and didn’t say anything about Pfsense, I got confused. I assume none of the traffic between Wireguard and your VM’s is controlled by Pfsense, meaning all traffic between Wireguard and VM’s is acting like a separate Network not connected in any way with Pfsense?