This is an automated archive.
The original was posted on /r/wireguard by /u/Clonkex on 2024-01-16 22:18:15+00:00.
I'm trying to set up a VPN to be able to access my local network from outside. This started as a fun idea to try on my Pi 4 but has devolved into pain and suffering because I'm on Starlink and they use CGNAT. I don't actually even need the VPN but I want to complete the project for the sake of learning.
So far I've spent a few days struggling through learning how iptables works (and finally realising there's hooks in the kernel that it uses to modify how packets are handled - it was so confusing that an optional package could magically act as a firewall) and trying to wrap my head around what postup and postdown commands I need.
So this is where I'm at:
- I've got a VPS (a Digital Ocean droplet, although I will be switching to Vultr later)
- I've got a Pi 4 on my local network
- I want to be able to add WG peers on the VPS (preferably using pivpn because that makes it incredibly easy, but I'll do it manually if I have to), add the required config to my phone (again preferably using pivpn because then I can just generate a qr code), then just turn on WG on my phone and be able to ping any device on my local network from my phone (or, more usefully, access the SMB share on my NAS)
- I found a few guides showing how to set up chained VPNs with WG, but they seemed to be doing it for secure inside-out access to some sensitive resource and I don't think their setups would work for my case
I think I've reached the limit of what I can figure out on my own with this. Any pointers would be much appreciated!