Low Orbit Flux Logo 2 F

VPN

A VPN (Virtual Private Network) creates an encrypted tunnel between two endpoints. Traffic through that tunnel is protected from interception, and the destination sees the VPN server’s IP rather than yours. The term covers a few different use cases worth keeping distinct:

Remote access VPNs let you connect to a private network from outside — the most common home lab use case. You run a VPN server on a machine with a public IP, and connect to it from wherever you are to reach your local network securely.

Site-to-site VPNs connect two entire networks together so resources on both sides are reachable as if local. Common in enterprise environments, useful in multi-location home labs.

Commercial VPN services route your internet traffic through a provider’s servers for privacy on untrusted networks. These are a different category from self-hosted — you don’t control the server.

WireGuard

WireGuard is the current standard for self-hosted VPNs. It’s built into the Linux kernel (5.6+), has a tiny codebase compared to OpenVPN, and performs better in most benchmarks. Setup is simpler than OpenVPN once you understand the key model. If you’re setting up a new VPN from scratch, start here.

OpenVPN

OpenVPN is the older, more established option. It’s been the standard for over a decade and has broader compatibility with routers, commercial services, and corporate environments. It requires more setup than WireGuard (a full PKI with easy-rsa) but gives you more configuration flexibility and works in environments where WireGuard isn’t available.

Tailscale

Tailscale takes a different approach — it’s a managed mesh VPN built on top of WireGuard. Instead of running your own server, you install the Tailscale client on each device and they form a peer-to-peer mesh. Tailscale handles NAT traversal, key management, and device authentication. It’s the fastest way to connect devices securely across different networks without any server configuration. The free tier covers most personal and home lab use.

Hook VPN

Hook VPN is a lightweight VPN tool also covered on this site.