The scenario:
Two individuals both with fast home Internet connections, plus an office on a pretty basic VDSL connection. All three have distinct subnets.
Routers in all three locations have VPN support. The home ones support OpenVPN and Wireguard, the office OpenVPN only, but I'd consider replacing the router if it gave us what we needed.
Objective:
I want to link all three locations so that IPs on each network can be reached from the others, but in a configurable way. Ie neither individuals home devices should be accessible to the other individual (albeit they may use the VPN themselves to access them personally). Some office-based resources may not be shared. Etc.
How can I do this?
I'm assuming I'll get a cheap VPS somewhere to act as VPN server and have all three routers connect to that, and after that it's "just" a question of managing access and routing. But I need the result to be maintainable and ideally not just by me, which would mean either some kind of GUI or some really simple commandline tools.
When I started looking at this I figured there'd be some simple appliance-type applications I could install on the VPS that would do this but I've come up short so far. I don't have any real budget for this - I'm OK with a few quid a month on a VPS and likewise on a subscription service if I have to go down that route (I'd rather not).
(We do already have an office dial-in VPN option which could be used on the routers but I don't think putting all our domestic devices into one bit VPN is a good idea for all sorts of security reasons.)
On Wed, Jun 12, 2024 at 03:54:33PM +0100, Mark Rogers wrote:
The scenario:
Two individuals both with fast home Internet connections, plus an office on a pretty basic VDSL connection. All three have distinct subnets.
Routers in all three locations have VPN support. The home ones support OpenVPN and Wireguard, the office OpenVPN only, but I'd consider replacing the router if it gave us what we needed.
Objective:
I want to link all three locations so that IPs on each network can be reached from the others, but in a configurable way. Ie neither individuals home devices should be accessible to the other individual (albeit they may use the VPN themselves to access them personally). Some office-based resources may not be shared. Etc.
How can I do this?
I'm assuming I'll get a cheap VPS somewhere to act as VPN server and have all three routers connect to that, and after that it's "just" a question of managing access and routing. But I need the result to be maintainable and ideally not just by me, which would mean either some kind of GUI or some really simple commandline tools.
When I started looking at this I figured there'd be some simple appliance-type applications I could install on the VPS that would do this but I've come up short so far. I don't have any real budget for this - I'm OK with a few quid a month on a VPS and likewise on a subscription service if I have to go down that route (I'd rather not).
That's been my experience whenever I've looked into using VPNs, it all sounds wonderful but when you actually get down to the nitty griity it's very much not an 'off the shelf' installation.
As regards cost of VPS I have two, one with Gandi and the other with FastHosts, the FastHosts one costs ony £1/month plus VAT.
-
Chris Green -
Mark Rogers