Home based VPN without setting up port forwarding..

I have a Pi4 with wireguard (I think from the pi-vpn suite). I use this to get into my house from anywhere else I might be. Works perfectly - just tap a button in the app, done.
I do however have a static IP and a good router to set up the port forward.

I want one in another country (in-laws) but they have no static IP (could even be CGNAT for all I know) and crap-tier router.

Is there any other solution I could use? I've heard of Tailscale? But I also heard it's worse than wireguard..
Thanks for any info..
 
Oh maybe I completely misunderstood Tailscale then? I assumed it was like wireguard on my pi.. Where I 'appear' on my phone like I'm on my home network (192.168.1.1 opens router page etc).
Are you saying TS is not like this?
 
It is, and it isn't.

Wireguard is a VPN protocol, as is OpenVPN (amongst many, but they're the 2 most common, especially in the consumer space). They're basically specifying how the data is encrypted/decrypted.

Tailscale is a service, which uses the wireguard protocol for your connection, but uses it slightly differently to your Pi-VPN.

A traditional VPN will have a VPN server (e.g. your Pi running at your home). Clients will communicate to that server directly & establish a connection. Direct A<->B. Whereas Tailscale is A<->C<->B but isn't decrypted at C.

As an anecdote, think of it as you want to send a letter to the address 123 vpn street (the VPN server). You (the client) write the address of the server on the envelope (the encrypted data) & post (the internet) it. Because the address is on there, it gets to that address & therefore the connection is made.
If, however 123 vpn street has a locked fence (your firewall, without any open ports) (or in a CGNAT example, is a block of flats, with only the main building address available, not the individual flats), if you tried this again, your letter wouldn't be able to be delivered, as although the postie might know the address to deliver the letter to, it can't get there (or doesn't know which flat, in the CGNAT example).
In this case, using something like tailscale is like posting your letter to a PO box. The PO box security is handled by someone else & can accept all incoming mail, then someone from 123 vpn street can leave their home, when they are ready & have the key & go to the PO box & pickup any mail that's arrived, thus establishing the connection.

They're not perfect anecdotes, but hopefully give you more of an idea of how the differences work.
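
The locked-fence and PO-box picture above, as a toy Python model (an added example, not part of the original posts and not Tailscale's or WireGuard's code). The `Nat` and `Relay` classes, the addresses and the ports are all constructed for illustration; the payload is treated as opaque bytes that the relay never decrypts.

```python
# Added illustration: toy NAT state table plus an outbound-only relay (all values constructed).
class Nat:
    """Stateful NAT/firewall with no port forwards: only replies to
    flows that an inside host started are let back in."""
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.flows = {}          # (public_port, remote) -> inside host
        self.next_port = 40000

    def outbound(self, inside_host, remote):
        """Inside host sends to remote; the NAT records the flow."""
        port = self.next_port
        self.next_port += 1
        self.flows[(port, remote)] = inside_host
        return (self.public_ip, port)

    def inbound(self, public_port, remote):
        """Return the inside host for this packet, or None if dropped."""
        return self.flows.get((public_port, remote))

class Relay:
    """Publicly reachable rendezvous point ("C"). It forwards opaque
    bytes between peers that dialled out to it and holds no keys."""
    def __init__(self, addr):
        self.addr = addr
        self.peers = {}          # peer name -> (public ip, port) it came from

    def register(self, name, seen_from):
        self.peers[name] = seen_from

    def forward(self, dst_name, ciphertext, nats):
        ip, port = self.peers[dst_name]
        host = nats[ip].inbound(port, self.addr)
        return (host, ciphertext) if host else None

def demo():
    relay = Relay(("203.0.113.10", 443))
    home = Nat("198.51.100.7")       # remote site behind a router or CGNAT
    phone = Nat("192.0.2.55")        # client on a mobile network
    nats = {home.public_ip: home, phone.public_ip: phone}
    # Direct A->B: an unsolicited packet to the home NAT matches no flow.
    direct = home.inbound(51820, ("192.0.2.55", 40000))
    # Both sides dial out to the relay, which creates NAT state on each side.
    relay.register("pi", home.outbound("pi", relay.addr))
    relay.register("phone", phone.outbound("phone", relay.addr))
    relayed = relay.forward("pi", b"<encrypted payload>", nats)
    return direct, relayed
```

`demo()` returns `None` for the direct attempt and `("pi", b"<encrypted payload>")` for the relayed one: the only packets the home NAT admits are replies on a flow the Pi itself opened.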

Thanks all for the replies. Especially you RC. I will give it a go. I do like the sound of Tailscale for situations like this. Hopefully get it done right enough that next time we are there I can plug it in and leave it without having to bring a keyboard and screen with me lol..
 