Hi folks, I’m just getting into this hobby thanks to the posts in this community. So far, I’ve installed Ubuntu server 22.04 on an old laptop and got paperless working, and I’m pretty pumped. Now I would like to access it outside of my home network on my phone.

I have a Netgear R7000 with Advanced Tomato installed. Here’s my plan, but I don’t know if it would work… So I’m hoping for a peer review of sorts.

  • Get openVPN working on the router as a server.
  • make a certificate for my phone and use it as a client.
  • use my fedora laptop as the CA (?).

I think I need to use easy-RDA to make the keys and certificates…

Does that sound about right? It’s this a good approach or is there something better/easier/more effective?

If there’s a great tutorial around for accessing the home network externally, I’d super appreciate it. Would obviously prefer to do it myself and not pay for a service… I’ve been enjoying the learning experience!

      • Still@programming.dev
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        there are 3 main steps depending on what OS is being run, but it basically goes like this

        port forward some port to a maching on your home network,

        create a wireguard config through network manager if you’re using that or the wg-quick command, make sure it auto connects

        3 mess with the firewall so that your devices on the wireguard network can see your home network

        there are tons of easy to follow guides out there, this is the one I followed

      • rambos@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Personally I use openmediavault (nas software) that has nice wireguard plugin and everything in UI. But you can use native wireguard app or pivpn for example.

        1. Port forward 51820 udp to your server

        2. Setup tunel and client on server

        3. Scan QR code with your client (android or whatever)

        4. and 3. has to be done for every new device