I’m looking to expand and further secure my home server, and I’ve been poking around at the FUTO self hosting guide, and as a result I’m looking to host OpenVPN then connect to my services through that.
However, is it safe to have the machine running OpenVPN connected to my router, with my router operating normally, but forwarding the port to the OpenVPN server?
Then once I’m into that, I’d connect to what I’d like. Unless I’m misunderstanding, this would offer me sufficient security, correct?
I do have a backup RPi that I might end up turning into a router as the FUTO guide suggests, but I’d rather not mess with my network where possible, plus I’d need to buy a switch.
OP ignore anyone saying wireguard is better than openvpn, it’s not. they are two solutions used to solve for multiple problems.
openvpn is highly configurable and is more widely supported across almost all platforms but the learning curve is medium to difficult.
wireguard is easier to setup for first timers and has stronger encryption but lacks multiplatform support and has shorter track record ensuring security and viability.
some say wireguard is “faster”, but I haven’t seen any real world instances of this being true unless you get close to the theoretical full saturation of a 1g interface. unless you’re dealing with HA or high throughput apps in a commercial setting I doubt you will run into that issue.
personally I prefer openvpn because I use it across multiple platforms and have peace of mind knowing it’s a tried and tested solution with decades of public and private support.