I run a Nextcloud instance on my home server and want secure remote access without exposing ports. I came across Twingate, which looks like a VPN alternative.
Has anyone used it for personal setups? Is it overkill compared to something simpler like Tailscale? I’d like to know how you use it, or what else you use.
I never heard if twingate but i see no reason why not to selfhost Wireguard.
Its a proven open source vpn.
As far as a little research went. Twingate is proprietary software and caters to enterprises, it has some open source alternatives that have a similar functionality. Most if them using Wireguard under the hood. Look for tailscale/headscale or netbird.
I tried Wireguard now, and it worked beautifully (love its simplicity), than I setup port forwarding, and a no-ip ddns, and it stops working. Because, as it turns out, I dont have a public ip address. My isp runs a CGNAT, therefore i dont think there is any way for me to run a wg at home without some external server to hop from. I guess tailscale does exactly that eith thair connecting server, if i understand it correctly?
Honestly not having a static public ip address would be a dealbreaker for me, reason to change isp.
But thats not always an option.
My old isp got a new ip every full modem reboot and a way i used to circumvent this is with duckdns. It’s a free dns service i used before i had money to pay for my own domain.
If i recall correctly they have a desktop tool that connects to your account that scans for your current dynamic public ip and then updates it for your freesubdomainname.duckdns.org which is what you use to connect.
Yup that is exactly what i already did (with no-ip instead of duck dns but the same service), but as i said, the fact that it’s dynamic is not the problem. It’s the fact that even my dynamic ip address is not actually truly public. At least that is how i understand CGNAT.
Thanks for the recommendations, will look into wireguard first