I was planning on providing OPNsense firewalls to my parents house across the pond. I am setting up the mini-pc’s up with Opnsense and will deploy the unit when I visit them next. So I thought it’d be great to connect both our firewalls using Site-2-Site VPN. Unfortunately, all ISPs that provide internet to my parent’s house use CGNAT.
What are my options to enable connectivity between the 2 houses? I have done some research but the 2 options that I found have some drawbacks.
- ZeroTier – I have seen @LTS_Tom 's video (ZeroTier VS VPN and A Look At The Data Stream With Wireshark - YouTube) but I am a bit concerned about my data passing through 3rd party servers. Secondly, if I use the ZeroTier plugin on Opnsense – will all the devices behind these firewalls be able to talk to each other?
- VPS serving OpenVPN – additional cost of VPS and having to monitor the bandwidth etc.
Are there any other options in the CGNAT scenario? My preference would be to self host a VPN (Site-2-Site or Road-Warrior style) but I am not sure if that is even possible.
Thanks for your time …