Access your server privately from anywhere in the world by routing traffic through a VPN server on your router or a cloud VPS. Only authorized devices with the VPN configuration can reach your server.
This connection method is ideal for fast, private, personal access from anywhere in the world using a VPN server running on your router or VPS. Only authorized devices have access to your server and installed services.
Most modern routers include a VPN server feature. If so, it is usually the preferred method for private, remote access to your server.
If you haven’t already, assign a static IP address to your server on the LAN. Refer to your router’s user manual for detailed instructions.
Since home IP addresses can change without warning, we highly recommend setting up dynamic DNS. Many routers offer this as a built-in feature. If not, third-party services are available. Without dynamic DNS, a change to your home IP will disconnect all VPN clients until you re-download configuration files for each one.
Enable your router’s VPN server. Refer to your router’s user manual for detailed instructions.
By default, StartTunnel exports wireguard config files that are configured for split tunneling, allowing you to use your StartTunnel VPN to access your StartOS server and installed services while also preventing it from being automatically used for all Internet traffic.
There are three reasons to select this option:
Your router does not offer a VPN server.
Your router’s VPN server is not automatically configured for split tunneling.
You are already using StartTunnel for clearnet hosting, so most of the work is already done.
To use StartTunnel for private, remote VPN access, see StartTunnel.
Import the config file to your iOS device. If the configuration file can be displayed as a QR code, that is usually easiest. If not, you can download the file and transfer it to your iOS device.
Your VPN tunnel will have been created and visible in the WireGuard app where you can click to activate it.
Click the + button to add a new profile/connection.
Import the config file to your device. If the configuration file can be displayed as a QR code, that is usually easiest. If not, you can download the file and transfer it to your device.
Android will inform you that WireGuard wants to set up a VPN connection. Click “OK”.
Transfer the configuration file to your iOS device. If accessing your router UI via a laptop/desktop, you will need to download the file to that device, then send it to yourself via email, message, or other file sharing tool.
Import the configuration file and enter the necessary authentication settings you chose or were default on your OpenVPN server on your router.
Depending on how you’ve configured your OpenVPN server, you may need to add a username and password before you hit Connect.
Once set up, click on the name of the profile to connect and disconnect. You can edit the profile from the icon to its right.
Transfer the configuration file to your device. If accessing your router UI via a laptop/desktop, you will need to download the file to that device, then send it to yourself via email, message, or other file sharing tool.
Click the + button to add a new profile/connection.
Import the configuration file. Consider giving the profile a descriptive name.
Android will inform you that OpenVPN wants to set up a VPN connection. Click “OK”.
If you set up your OpenVPN server with username and password authentication, enter those and select to save the password.
Once set up, click on the name of the profile to connect and disconnect. You can edit the profile from the icon to its right.
Tip
If you’re not able to browse websites when connected, your router VPN may not be providing valid DNS servers. Edit the profile, visit the IP and DNS tab, and override the DNS settings with your own.