Comment by mort96
12 hours ago
OpenVPN makes SNAT relatively trivial, from what I can tell. So I can VPN into a network, use a node on the network as my exit node, and access other devices on that network, with source-based NAT set up on the exit node to make it appear as if my traffic is coming from the exit node.
Wireguard seems to make this much more difficult from what I can tell, though I don't know enough about networking to know if that's fundamental to wireguard or just a result on less mature tooling.
WG is no different really, but you'll have to set it up yourself unless you use a client like tailscale. WG is just bare bones and you're supposed to use a proper client.
Add SNAT rule, enable forwarding, add allowedIPs to WG config.
Right, so my understanding is essentially correct. OpenVPN makes it trivial to set up a VPN which lets you access a remote LAN, without having to involve third-party SaaS products like Tailscale.
It was just an example, and you could run headscale if you want the mesh feature. There's simple gui clients like wireguard-gui as well.
1 reply →