Install And Configure Wireguard VPN
Preface
I think it is not necessary to emphasize how important you privacy on the public Internet. In the world of high speed internet more and more applications are running at your home, eg.: OpenHab, Plex, Private NAS, etc. People usually want to access these services outside the home network too. It is not recommended to publish these service directly on your public ip address:
- It is becoming more common to use CGN Nat by many internet providers. This situation make it impossible to publish your service on Public IP address, because you won't have any.
- Everybody on the public Internet will have access to your private servers. Hacker can easily find your service and may steal your sensitive data.
- You have to make effort to configure NAT in your router.
- Usually consumer internet providers assign IP address dynamically. In this case you have to choose a dynamic DNS service. One of the best I think is DudkDNS, it is completely free for use. You need to update you ip address somehow (router, shell script, etc.). DuckDNS supports a lot of method to do this.
Not all of above could be eliminated with Wireguard VPN:
- If you don't have static public ip address you still need NAT configuration and DynDNS service.
- With CGN Nat it is still impossible to get into your home network.
If you are looking for a really zero-configuration VPN solution your best option may be Tailscale. It can be easily installed on any popular platforms (Linux, Mac, Windows, Android or IOS).
If you are interested in how Tailscale solve the NAT and dynamic IP problems you should read this article: https://tailscale.com/blog/how-nat-traversal-works/. And the best: it's completely free up to 20 devices.
But this article is not about Tailscale, but Wireguard.