jmward01 a day ago

Not the topic of the article, but security of opening anything up in my network is always super concerning. I really want a zero-advertise way to find and connect to my network. So, for instance, there could be a trusted server that I advertise my IP to so that I can find it when I am off my local network. Not dynamic DNS, something that requires me to send them a key so that only my devices can get the IP. Then, some form of port knocking could hide the connection port actually used, like I send a sequence of knocks based on my key encoding the port I will use to actually try to connect my VPN so that I can rotate that around. A bit overkill but I am paranoid now. It is a jungle out there and security is hard for experts, much less people like me.
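The key-derived knock sequence with a rotating port that this comment describes, sketched as an added example (not code from the thread or from any project named in it). The window length, port range, knock count and the names `derive_plan` and `KnockVerifier` are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

PERIOD = 300                      # seconds per rotation window (assumed)
PORT_LO, PORT_HI = 20000, 60000   # assumed port range for knocks and service
N_KNOCKS = 3                      # knocks required before the service port opens

def derive_plan(key: bytes, window: int):
    """Return (knock_ports, service_port) for one time window, all distinct."""
    ports, counter = [], 0
    while len(ports) < N_KNOCKS + 1:
        msg = struct.pack(">QI", window, counter)
        block = hmac.new(key, msg, hashlib.sha256).digest()
        # 8 bytes reduced modulo the span keeps modulo bias negligible.
        port = PORT_LO + int.from_bytes(block[:8], "big") % (PORT_HI - PORT_LO)
        if port not in ports:
            ports.append(port)
        counter += 1
    return ports[:N_KNOCKS], ports[N_KNOCKS]

class KnockVerifier:
    """Server side: tracks each source's progress through the knock sequence."""
    def __init__(self, key: bytes, timeout: float = 10.0):
        self.key, self.timeout = key, timeout
        self.progress = {}        # src -> (window, next knock index, last seen)

    def observe(self, src: str, port: int, now: float):
        """Feed one inbound attempt; return the port to open for src, else None."""
        current = int(now) // PERIOD
        window, idx, seen = self.progress.pop(src, (None, 0, now))
        if now - seen > self.timeout:
            window, idx = None, 0             # stale sequence: start over
        # A fresh sequence may use the current or previous window (clock skew);
        # once started, it must finish in the window it began with.
        for w in ([window] if idx else [current, current - 1]):
            knocks, service = derive_plan(self.key, w)
            if port == knocks[idx]:
                if idx + 1 == N_KNOCKS:
                    return service            # complete: caller opens this port for src
                self.progress[src] = (w, idx + 1, now)
                return None
        return None                           # wrong port: progress already dropped
```

The client computes the same plan with `derive_plan(key, int(time.time()) // PERIOD)`. Knocks are visible on the wire and replayable inside a window, so this only hides the listener from scans; the VPN's own authentication remains the access control.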

smw a day ago | parent | next [-]

tailscale

esseph a day ago | parent | prev [-]

ZeroTier, Tailscale, Cloudflare WARP, bare WireGuard

mjevans a day ago | parent [-]

The hardest part with bare WireGuard is one part _really_ wants to be static, OR you have to re-init stuff and push DNS updates every time it updates.

esseph a day ago | parent [-]

Just the primary/hub/main site. Mobile clients do not.

If this is a problem with a home connection then you'd want to use a relay. A small 1C CPU box at some cloud provider.

Make that the "hub" that everything connects to and then you don't have to worry about the residential connection changing IPs.