Site to Site VPN?


I currently use a standard home broadband provider but I’m moving to using a 5G mobile service.

On a standard broadband connection I’m able to VPN into and administer my home network, however I can’t do this on a 5G connection as there is no individual ‘real’ wan IP address.

My idea to get around this, would be to run a PfSense instance on a cloud provider (I use Vultr), and then setup a site to site VPN from my home PfSense box to the virtual PfSense on Vultr.

And then setup a road warrior connection to the PfSense on Vultr and tunnel through that to my home network.

Questions are:

  1. Is this the best way to do this, or is there a better way?
  2. As my data allowance is quite small on Vultr, once the connection is established would all traffic go through Vultr or direct between the road warrior and home network?

If anyone could point me to any tutorials that might help, that would be greatly appreciated.



You could setup a site to site VPN from Vultr back to your pfsense and as long as you don’t route all the pfsense traffic back through Vultr it will not use all the bandwidth there. There are better solutions for getting back into your home network bu using tools such as or

Hi Tom,

I’ll be wanting to monitor security cameras on my home network (only available internally and via vpn) and stream via my satellite box, so looks like the Site to Site might not be the way to go. I’ll take a look at both the links your provided

Many thanks,


@rmsloan also check whether Cloudflare’s Argo tunnel suits your needs. After you install the client, it creates a connection from your server to cloudflare without the need to forward any port.