So basically, I will be away from home for several weeks. Unfortunately, this became the perfect time for our home router to start acting out and factory resetting itself. We are awaiting a new router for replacement, but the time is tight.
My stuff is ethernetted in, so that connectivity isn’t an issue - the issue is that I couldn’t actually connect to the router to restore services even if it had internet by fixing all the settings including port forwarding.
What I would like would be the ability to have a VPN perhaps connected to my homelab, so I can hop on the router and restore the settings if this issue happens while I’m away. Any ideas?
Edit: I settled on Netbird. Thank you for your help!
Tailscale. Create an account, put the client on the LAN device, put the client on the remote device, log in on both, you’re done. It bypasses NAT, CGNAT, and the firewall through some UDP black magic fuckery. As long as the router allows outgoing connections, it will work.
If the factory resets cause the router to lose connection to the ISP, though, then nothing will work.
I use it too, but why does it require a Google or Microsoft account? Or idk what the other option is.
To delegate the responsibility of securing login data to a company better equipped to deal with it (in theory at least). You can also use an external OIDC provider.
In addition to Netbird, I also suggest Pangolin, https://pangolin.net/ it’s quite efficient at what it does but either way would work fine if you want to self host it.
I keep thinking at some point Tailscale is going to incorporate a feature similar to Pangolin. I mean Pangolin is just a proxy server tied to WireGuard (or Newt). You can also do very similar things with Cloudflare.
Tailscale already does though, I think.
https://tailscale.com/docs/features/tailscale-funnel
Although it might work differently.
Sorta. This opens up a Tailscale node to the world with their weird names. I want my own custom domain pointing to Tailscale endpoints like Pangolin does. So the funnel is very close, you’re right, but needs a tiny bit more.
Netbird is EU-based and similar to Tailscale (and its fork Headscale).
Thank you, I set this up and it works 🙂
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
| Fewer Letters | More Letters |
|---|---|
| CGNAT | Carrier-Grade NAT |
| DNS | Domain Name Service/System |
| IP | Internet Protocol |
| NAT | Network Address Translation |
| PSU | Power Supply Unit |
| SSH | Secure Shell for remote terminal access |
| UDP | User Datagram Protocol, for real-time communications |
| Unifi | Ubiquiti WiFi hardware brand |
| VNC | Virtual Network Computing for remote desktop access |
| VPN | Virtual Private Network |
| VPS | Virtual Private Server (opposed to shared hosting) |
| k8s | Kubernetes container management package |
[Thread #132 for this comm, first seen 4th Mar 2026, 02:40]
The most basic solution would be an SSH reverse tunnel to a VPS outside. Have a machine in your network establish that tunnel and set it to reconnect automatically. Now you can SSH into one box of your network. If the router acts up and factory resets (as long as it reestablishes the connection), you can SSH back into your network and reconfigure everything from there.
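A sketch of the reverse tunnel described in the comment above, added here as an example and not posted by anyone in the thread. The VPS hostname, the `tunnel` account, port 2222 and the key path are placeholder assumptions; the ssh options are standard OpenSSH client options.

```shell
#!/bin/sh
# Added example, not from the thread. All values are hypothetical placeholders.
VPS_HOST="${VPS_HOST:-vps.example.net}"   # placeholder VPS hostname
VPS_USER="${VPS_USER:-tunnel}"            # assumed unprivileged, tunnel-only account
REMOTE_PORT="${REMOTE_PORT:-2222}"        # listener opened on the VPS
LOCAL_SSH="${LOCAL_SSH:-localhost:22}"    # sshd on the homelab machine
KEY="${KEY:-$HOME/.ssh/tunnel_ed25519}"   # dedicated key used only for this tunnel
MAX_DELAY="${MAX_DELAY:-300}"             # cap for the reconnect backoff, seconds
SSH_BIN="${SSH_BIN:-ssh}"

# On the VPS, limit what this key may do in ~/.ssh/authorized_keys:
#   restrict,port-forwarding,permitlisten="127.0.0.1:2222" ssh-ed25519 <public-key>

# One tunnel session. The listener binds to the VPS loopback only, so the
# homelab sshd is reachable only by someone already logged in to the VPS.
# StrictHostKeyChecking=yes needs the VPS host key in known_hosts beforehand.
run_tunnel() {
    "$SSH_BIN" -N -T -i "$KEY" \
        -o BatchMode=yes \
        -o StrictHostKeyChecking=yes \
        -o ExitOnForwardFailure=yes \
        -o ServerAliveInterval=30 \
        -o ServerAliveCountMax=3 \
        -R "127.0.0.1:${REMOTE_PORT}:${LOCAL_SSH}" \
        "${VPS_USER}@${VPS_HOST}"
}

# Double the retry delay, capped at MAX_DELAY.
next_delay() {
    d=$(( $1 * 2 ))
    if [ "$d" -gt "$MAX_DELAY" ]; then d=$MAX_DELAY; fi
    echo "$d"
}

# Reconnect forever; a session that lasted a minute or more resets the backoff.
keep_tunnel() {
    delay=5
    while :; do
        start=$(date +%s)
        run_tunnel || true
        if [ $(( $(date +%s) - start )) -ge 60 ]; then delay=5; fi
        sleep "$delay"
        delay=$(next_delay "$delay")
    done
}

if [ "${1:-}" = "run" ]; then keep_tunnel; fi
```

Start it with the argument `run` from a service manager on the homelab machine; from outside, log in to the VPS and connect to port 2222 on its loopback address.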
Unifi Cloud Gateway Ultra as your router - WireGuard VPN in to your network and if that fails to connect then you can use Teleport feature via the WiFiman app.
I have set up Tor secret services in the past to do this.
The service exposed the SSH port which could then be accessed from anywhere as long as you can connect to Tor.
Without a secondary internet connection this isn’t possible.
The router is the connection - it’s the gateway (a term we don’t hear much these days).
You could set up an independent connection via a cell modem - becoming a secondary connection. This is common for remote locations or even small businesses that need a failover just for management.
You could even have it on a single machine and have a VPN there. Then you could RDP/VNC to that one machine and manage things from there. I’ve done the VPN this way with Tailscale. One machine has it (I’ve even done it with a Raspberry Pi), then you can RDP/VNC to other machines from there.
But there’s not much I could see you doing if the gateway is down anyway.



