2023-09-22, 04:33 AM
(2023-09-21, 08:32 PM)bitmap Wrote: Split tunnel the VPN, don't port forward either service. Set up Tailscale (easy but extremely limited) or another Wireguard implementation (slightly harder, but provides secure access to your entire internal network) as a VPN back into your home network and forward only that port. You can also use a non-standard port to reduce chances of it being found passively.
With a setup like that, they would essentially need to have the port, config, and a secret to get in. I believe that's the most secure way to accomplish what you want and it sounds like you could accomplish it with what you know.
Thanks man!, ill try just that.