TLDR: VPN-newbie wants to learn how to set up and use VPN.
What I have:
Currently, many of my selfhosted services are publicly available via my domain name. I am aware that it is safer to keep things closed, and use VPN to access – but I don’t know how that works.
- domain name mapped via Cloudflare > static WAN IP > ISP modem > Ubiquity USG3 gateway > Linux server and Raspberry Pi.
- 80,443 fowarded to Nginx Proxy Manager; everything else closed.
- Linux server running Docker and several containers: NPM, Portainer, Paperless, Gitea, Mattermost, Immich, etc.
- Raspberry Pi running Pi-hole as DNS server for LAN clients.
- Synology NAS as network storage.
What I want:
- access services from WAN via Android phone.
- access services from WAN via laptop.
- maybe still keep some things public?
- noob-friendly solution: needs to be easy to “grok” and easy to maintain when services change.


Personally I would have gone for OpenVPN access server on Debian. Fairly simple and well documented for those starting out.
I have used and worked with OpenVPN connect on android, PC and Mac.
PiVPN offers both services, Wireguard and OpenVPN.
What app do you use on Android? And on Windows?
OpenVPN connect on both. I load the .ovpn-file that is exported from the server and that’s it.