• 1 Post
  • 6 Comments
Joined 1 year ago
cake
Cake day: July 11th, 2023

help-circle

  • It is that simple. Make the dns entry point to your vpn subnet 10.10.100.X. The way it works is anyone not on your vpn won’t be able to resolve the ip address and will get an error. Anyone on the vpn will be able to resolve the ip address and connect via the vpn connection.

    The part people are talking about that is likely confusing you is that if your service is already available via your actual ip address 1.2.3.4 then you have a security concern since anyone can access 1.2.3.4 even without your domain name pointing there. They are encouraging you to make sure your 1.2.3.4 network doesn’t allow access but updating your firewall settings to make sure it blocks connections that are not made via your vpn subnet of 10.10.100.X






  • Definitely! I’ve used them for years and they are super convenient. Especially in small space living. I have a small server setup in a closet that is a direct attached raid array with an m1 Mac and an Intel nuc on top.

    In general I prefer the max because it can do a lot with very minimal heat generation but using a Mac mini as a server has a few downsides that you won’t run into with a nuc. Things like arm vs x86, no way to run the OS headless, cost, etc…