Menu
What's new
By:
Filters Better Search

Setting up VPN server (router?) for offsite access

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

gdgross

gdgross

New Around Here
Hi all, found this forum, seems helpful to newbs like me - I'm a semi tech-y fellow here but not much in the way of IT things, although I'm learning.

I'd like to set up a way to access and log into my mac-mini, which is at home, from anywhere on the internet. Currently I can do this via the splashtop app, but for various reasons, I would like to set up my own system. I understand that this will require creating a VPN server for my LAN, and maybe some additional hardware purchases. (specifically a dedicated VPN router, which i understand is a specific piece of hardware, that may or may not house a vpn server?)

I'd like to be able to log in from a windows machine on a different wired network miles away from the mac mini and its LAN, using sonic wall or the windows built in VPN client, and control the mac mini via microsoft remote desktop, or similar software. I'd also like to be able to log in from my macbook pro laptop, using the same or similar tools from any old wireless network at starbucks or wherever.

My current home network looks like this (not counting a few additional wifi nodes that aren't shown for clarity)
53615077699_4fdb348c0f_b.jpg


As I understand it, hardware wise, I will need to do something like this:
53615077694_ae7c708c48_b.jpg


First, is my understanding of the hardware correct?

Second, I will need to set up a VPN server, yes? Is this something that lives on the VPN router? Or can it be installed on either NAS (QNAP-TS453) or the mac mini itself?

Third, what steps will I need to go through to set this up properly? I assume the VPN router will have some software that i'll need to configure once I connect it all, or maybe it's just a webpage I can connect to and configure. I believe I'll also need an ip or domain or something for the VPN, and a name for the mac mini itself to connect remotely?

Thanks for your help all - I'm slowly becoming IT fluent lol.

Geoff
 
Which device is providing IP addresses for your local LAN and Wifi clients ?

Search QNAP for a VPN server as a start

See what the issues are for connecting to that VPN server through the WAN (from outside) with a Macbook and a Windows device.
 
degrub said:
Which device is providing IP addresses for your local LAN and Wifi clients ?

Search QNAP for a VPN server as a start

See what the issues are for connecting to that VPN server through the WAN (from outside) with a Macbook and a Windows device.
Click to expand...
TBH, I'm not sure who's providing the IP addresses for my local LAN? maybe the are all DHCP? How would i find this out?

I'll do some searching for using the QNAP - not opposed to additional HW if it makes it easier for me though.
 
gdgross said:
TBH, I'm not sure who's providing the IP addresses for my local LAN? maybe the are all DHCP? How would i find this out?
Click to expand...
I'm assuming that your "Velop Wifi Node" is also a router and is providing DHCP for your entire LAN.

gdgross said:
I'll do some searching for using the QNAP - not opposed to additional HW if it makes it easier for me though.
Click to expand...
You don't necessarily need to have a VPN router. It may be convenient to replace your current router with another on the has a built-in VPN server. You'd typically do this if you don't have any other reliable always-on server on your LAN that could run a VPN server. The QNAP NAS is the most obvious candidate for running a VPN server. You generally don't want to add another (VPN) router in front of an existing router because it creates a double-NAT situation which brings it's own problems.
 
ColinTaylor said:
I'm assuming that your "Velop Wifi Node" is also a router and is providing DHCP for your entire LAN.


You don't necessarily need to have a VPN router. It may be convenient to replace your current router with another on the has a built-in VPN server. You'd typically do this if you don't have any other reliable always-on server on your LAN that could run a VPN server. The QNAP NAS is the most obvious candidate for running a VPN server. You generally don't want to add another (VPN) router in front of an existing router because it creates a double-NAT situation which brings it's own problems.
Click to expand...
Ok, thanks Colin - yeah the Velop is a wifi router, and since it's first in the chain, does that mean it's the one that's distributing out the internal IPs?

Thanks for that explanation too. I don't have a dedicated router device currently, (at least in hardware), so I assume something on my network must be doing that job without my knowing it, then? (the velop since it's the most "upstream device?)

TBH, I want the easiest way to do this; I don't particularly mind if it's on the QNAP, if it's on an additional piece of hardware, and the qnap just lives on the network without being a VPN server itself. (unless the additional HW is $$$$, then maybe it's worth the effort to figure out how to set up the VPN server on the QNAP.) Although if I did install it on the QNAP, I'm assuming I'd want to reconfigure the physical networkto make the QNAP the most upstream device, so everything behind it is on the VPN?)

I do have an expressvpn service running on a couple machines individually, but not the network, so I could use that account whichever route I go.

Sorry if these questions are basic!

THanks
 
gdgross said:
Although if I did install it on the QNAP, I'm assuming I'd want to reconfigure the physical network to make the QNAP the most upstream device, so everything behind it is on the VPN?)
Click to expand...
No, that's not how it works. Usually you'd just need to forward the VPN port from the Velop to the QNAP's VPN server. Check the QNAP documentation to see if it supports a VPN server as that is likely going to be the easiest solution.

What about the Mac mini, is that always-on? If so you could use that to host your VPN server instead of the QNAP.

gdgross said:
I do have an expressvpn service running on a couple machines individually, but not the network, so I could use that account whichever route I go.
Click to expand...
This is not the same thing. ExpressVPN is a commercial VPN service whereby your clients connect to their VPN server in an attempt to obfuscate your internet activity. What you are asking for is to run your own VPN server on your LAN so that you can connect to your home network remotely. Totally different.
 
Last edited:
ColinTaylor said:
What about the Mac mini, is that always-on? If so you could use that to host your VPN server instead of the QNAP.
Click to expand...
Yeah, I'd be happy to set up on the mini, I just didn't realize that was a possibility. It's always on, yes. Any guides out there on how to do this?
ColinTaylor said:
This is not the same thing. ExpressVPN is a commercial VPN service whereby your clients connect to their VPN server in an attempt to obfuscate your internet activity. What you are asking for is to run your own VPN server on your LAN so that you can connect to your home network remotely. Totally different.
Click to expand...
Gotcha on the diff, thx for clearing that up.
 
gdgross said:
well thanks for doing my research for me 🤦 😂

I'll take a look through that guide
Click to expand...
The article is helpful, but it doesn't address a couple of questions that come up when setting up the VPN server in QVPN app on the NAS OS.
I'm trying to set up a wireguard VPN server, and there are a few things I don't know. (wireguard is the protocol of how it works I assume?)

1. Servername: can this be anything I like?
2. DNS server? It's blank by default and doesn't seem to require an entry.

Thanks
 
gdgross said:
1. Servername: can this be anything I like?
Click to expand...
Yes. Valid characters: A–Z, a–z, 0–9, Valid special characters: Hyphen (-)
gdgross said:
2. DNS server? It's blank by default and doesn't seem to require an entry.
Click to expand...
DNS for VPN client eg. 1.1.1.2 or 9.9.9.9 or other.
www.qnap.com

How to Configure WireGuard VPN Server and Client Settings in QVPN Service 3

How to Configure WireGuard VPN Server and Client Settings in QVPN Service 3 WireGuard Enabling a WireGua ...
www.qnap.com www.qnap.com

Quick Start - WireGuard

www.wireguard.com www.wireguard.com
 
Thanks Peter. I'll wade through those and see if I can get it set up. The video seems particualrly helpful.
 
You must log in or register to reply here.

Similar threads

gdgross
Explain IP pools to me like i'm seven years old
Replies
9
Views
368
coxhaus
C
A
Best way to set up vpn on router for gaming?
Replies
13
Views
1K
Benbrode
B
A
Setting up login credentials for OPEN VPN
Replies
0
Views
161
ADOZ2AD
A
M
VPN for a Cruise Ship
Replies
11
Views
656
sfx2000
sfx2000
F
Router for VPN with AES-NI
Replies
8
Views
815
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
C Instant Guard IPsec VPN Log Showing Regular Access Attempts VPN 3
A Best way to set up vpn on router for gaming? VPN 13
M VPN for a Cruise Ship VPN 11
F Router for VPN with AES-NI VPN 8
S How to start client VPN from the CLI on tomato firmware VPN 0
Diablo99 How to build a safe VPN VPN 3
F Site To Site VPN between Debian VM and AsusWRT-Merlin router, no routes exists VPN 2
P OPNsense / Adguard / DNS & VPN questions VPN 3
6 VPN problem on remote connection. VPN 0
G VPN router on AIS VPN 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 880 (members: 33, guests: 847)
Top