This is basically the final chapter in my home lab journey, or at least it brings you up to speed with where I am as of April 2024. I am sure there will be new projects and future blog posts, but they will probably not be in the “chapter” format. At this point, I feel like my home lab has reached a level of maturity where I could just let it run and focus only on creating content. But that won’t happen. I have a long list of projects I want to try and I will document those in the next post.
As many of you know, I travel a bit for work. So it is a requirement that I be able to access my home lab from anywhere I happen to be. Both for the enjoyment of continuing my experiments/projects when I am away for an extended period as well as to make sure that https://www.leeannperugini.com/ is ALWAYS up and running. I am the uber sysadmin and webmaster for my wife after all.
The traditional way of doing this would be through a VPN. I have set up and used several VPNs in the past, and they were all good: NordVPN, OpenVPN, Wireguard VPN, etc. The last two, OpenVPN, and Wireguard are examples of self hosting these services on the cloud. They all work great. BUT they represent a challenge for me. See, you need to know your public IP address, in order to access your network with a VPN. But that is a significant challenge for me for two reasons. First, I have two internet providers (ISPs) here at home. I work at home whenever I am not traveling and as a contractor, I get paid by the hour, which means I can’t afford to lose an hour of work because the internet is down. My pfSense firewall is configured to switch from one internet to the other automatically if one or the other is down. The other thing is both of my internet providers tend to change my public IP addresses often. Yes, I could probably use a service like a DDNS to solve this problem, but only if I had just one ISP. But I came to the conclusion pretty quickly a plain VPN wasn’t the answer.
I posted in an earlier chapter about Tailscale. in 2022, Tailscale was added as a package in pfSense. What this means is that I can install Tailscale on my pfSense router/firewall and on my laptop, and with the proper configuration, everything in my home can be accessed from anywhere. And the configuration is super easy and takes less than 5 minutes. You have to enable the feature “advertised routes”. I also use Tailscale to use my pfSense as an exit node. So I can use this as a privacy VPN for my phone or PC as well. Tom Lawrence does an awesome job of explaining how to set up Tailscale and pfSense in this video.
Tailscale is what is known as an overlay network provider. There are other overlay networks that you can choose from. I tried Tailscale first and it worked so I never switched. You may want to try out others like Zerotier, Twingate, Netbird, and others. Pick what’s right for you.