A Virtual Private Network (VPN) is a way to securely access a private network over a public one such as the Internet. For example, when I am away from home I may want to access and use my desktop computer located in my home study. But I do not want other people who may have access to my connection, (think of WiFi hotspots in many places such as restaurants, hotels, and businesses), to see what I am doing or typing. A VPN provides an encrypted (unreadable) tunnel between my device, such as a laptop or a tablet, and my home network. That way I can access my home network securely and as if I was connected to my home WiFi. A VPN can be used to securely connect two private networks, (such as between a home and a vacation home), over a public one. However, my goals for a VPN are fairly simplistic and are as follows:

The technologies used to implement this solution are:

At one point in my professional career I was traveling out of the country on a regular basis. At times when away from home I wanted to be able to securely connect to my personal desktop or other service such as my home automation server. Since these things are protected from connections over the Internet I needed a way to reach them without compromising their safety. A virtual private network (VPN) is a way to connect a device to a remote network over a secure (encrypted) channel.

The only change for 2021 was to move OpenVPN, (the VPN server software), from a Linux virtual machine running on an unRAID server to a Docker container. I also used to have two servers running OpenVPN in a clustered configuration. That allowed one server to be unavailable, but still allow connections through the other server. Since one goal of the changes for 2021 is to reduce server count, there will be no fail-over option for this implementation.

OpenVPN has Windows and Android clients, (along with others such as iOS), so it easy is to install and use. It also allows two factor authentication meaning that you not only need your user name and password to connect, but a second authentication mechanism such as an app on your phone.

The WOL plug-in for unRAID can be used to wake a computer from "sleep" mode. While I want to be able to connect to my home desktop when away from the house, I also do not want to keep the desktop fully powered on while away; that would be a waste of energy. Instead, my desktop is configured to go into a low-power "sleep" state if I do not use it for 15 minutes. When I am in my house I can just move the mouse or press a key on my keyboard to "wake up" my computer so it can be used. Obviously I cannot physically move or press anything at home when I am on the road. But WOL can "wake up" my desktop by sending a message to it over the network when I want to use it. So, in order to use my home desktop computer while away from home, I will first connect using VPN, then use the WOL plugin on the always-on unRAID server to turn on my desktop. Then I can use something like Windows Remote Desktop to interact with my home computer as if I was physically in front of it.

Another benefit of using a VPN is that you can configure it to connect to places on your behalf. For example, if I am in Italy using a hotel's WiFi to access Google, I will be greeted in Italian and given search results that are biased to Italians. Also audio and visual streaming services such as Netflix, Amazon, Apple iTunes, etc. offer different or no content to countries outside of the US. By using the VPN when I am in another country I can access everything as if I were physically in the United States.