I’m looking to expand and further secure my home server, and I’ve been poking around at the FUTO self hosting guide, and as a result I’m looking to host OpenVPN then connect to my services through that.
However, is it safe to have the machine running OpenVPN connected to my router, with my router operating normally, but forwarding the port to the OpenVPN server?
Then once I’m into that, I’d connect to what I’d like. Unless I’m misunderstanding, this would offer me sufficient security, correct?
I do have a backup RPi that I might end up turning into a router as the FUTO guide suggests, but I’d rather not mess with my network where possible, plus I’d need to buy a switch.
No idea what you mean with the port assignment. You can run either on whatever port you want. Most residential ISPs block incoming on 80/443 anyway.
I must be lucky with my ISPs then, no trouble using 443/tcp for me.
To my knowledge Wireguard runs over UDP.
edit: And the reason to use 443/tcp is because it’s a port that will be open as outgoing from wherever your client tries to call home.
This, I used to run an ovpn server to call home from restricted networks that didn’t allow for wireguard ports. I’ve since moved onto netbird, which runs wireguard under the hood and automatically syncs to a relay server when needed.