Hi all,
I have the following challenges:
- I have friends and family that want to access my services
- But they cannot / don’t want to install any VPN
- But I don’t want to open my services to the complete internet

My idea: It’s good enough, if they can access the services at home. They have internet provider with dynamic IP address. In the router, you easily set a DynDNS-Service.

So: Why not just have a rule, that only allows connections of the IP-addresses of the DynDNS-Domains. Of course, the proxy/firewall would recheck the DNS entry regulary.

Someone has tried such a setup? What solution are you using? Do you think it’s similar secure as a VPN? (of course HTTPS connections only via Letsencypt cetificiate)

  • IllegalD@alien.topB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    It sounds like your friends and family are actually the administrators of your network 😁

    • Simplixt@alien.topOPB
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Haha, for my parents it’s better to change an unvisible setting in the router, instead of placing a raspberry pi in their network or installing WireGuard on every device. They are paranoid with any software that must be installed :D