Hello,
I want to communicate with an IoT device over the Internet when I am on vacation. However, in order to minimize the risks, I want to make sure that this device is the only accessible device and that a potential attacker would only be able to access this device and no other device or the internet if the password is hacked.
How can I achieve this? I think I should probably use a VPN, but which? If you have any recommendations, I'd like to hear them.
Thank you for your advice. I was able to successfully set up a WireGuard VPN. However, I have a DS-Lite connection, therefore I need a portmapper or a similar service to reach my VPN from IPv4. In Germany we have the following service: https://www.feste-ip.net. It roughly costs 5$ per year. However, it only supports TCP. Are there any similar cheap services for UDP (because WireGuard works with UDP) or do I need to switch to OpenVPN?
If the client side ISP supports IPv6, then you don't even need IPv4 to establish the tunnel.
Otherwise, OpenVPN over TCP or something like ZeroTier should work too.
I tried installing OpenVPN over TCP. The VPN connection is working flawlessly through LAN. However, if I want to connect through IPv6 over the internet, it is not working (I have not checked IPv4 yet).
If OpenWrt creates a route for the entire prefix, you can skip the sourcefilter option.
Also skip the ip6class option since it's for the client side.
Specify your domain instead of IP: