Overview
This project uses WireGuard running on a Raspberry Pi to create a secure tunnel into my home network. It allows me to access internal services like my Jellyfin, Proxmox server, and dashboards while away from home.
Why WireGuard?
- Extremely lightweight
- Modern cryptography
- The use of elliptic curve encryption - for performance
- Easy to manage - thanks to PiVPN
Hardware & Setup
- Raspberry Pi 3b+ (running Raspberry Pi OS Lite)
- Static local IP
- Port forwarding configured on router
- Configured as DNS - acts as an ad-blocker for any VPN clients
Installation
WireGuard was installed using the following command:
PiVPN simplifies the entire setup process and handles configuration generation.
Client Configuration
Each device gets its own configuration file containing keys and connection info. These are imported into the WireGuard client on mobile or desktop.
Features
- Secure remote access to internal services
- Full-tunnel or split-tunnel configurations
- Integration with Pi-hole for DNS filtering
- Low latency and high throughput
- The ability for a client to obtain their keys and info through a qr code(from a non graphical terminal!)
- Less than 15 seconds to create a user profile
Use Cases
- Accessing home lab services remotely
- Secure browsing on public Wi-Fi
- Managing servers from anywhere
- Private DNS filtering with Pi-hole
Future Improvements
- Automated peer provisioning
- Multi-node VPN failover
- I may decide to add logging in the future - I currently am thinking of my other user's and I am on the fence.
My Thoughts & Opinions
Out of all of my projects, this was by far the most difficult. On both the client and server side, my networking knowledge was tested and expanded. My initial VPN solution was TailScale, I had some issues with connectivity across different platforms. I then went to Zero Tier One, this was a good solution for a while. The drawback with this was, it only allowed up to 10 user's. At this point I was already looking into hosting my own, WireGuard through PiVPN was the answer. This has to be the project I am the most proud of. The convenience it offers is unmatched, it lets me access everything I have, anywhere.
Running it on a Raspberry Pi has been more than enough for my needs, and the performance has exceeded expectations. It’s one of those setups that just works once configured properly, which makes it easy to recommend. Give this a shot, if you are looking to expand your networking knowledge.