Whats the best way to access home lab and use mullvad

Hi all

So i know i could use tailscale here, but im trying to avoid continuing to use external services like that, plus the performance isnt great over tailscale for me, even on a 1G line.

So i have a self hosted wireguard which works and it connects to my pihole, however id like it to essentially work like the following.

Phone > wireguard / home lab > mullvad when leaving home.
Now since mullvad closed port forwarding this makes it a bit harder.

So i was wondering is there a way to do this?

Tia

I believe you can do this with Tailscale + Mullvad purchased through Tailscale.

You’d use Tailscale to connect to create an “overlay” network that connects your devices securely whether they are within or outside your LAN, and set it up to route traffic through Mullvad. IIRC tailscale uses Wireguard under the hood.

1 Like

You could consider creating a Mullvad connection from your home lab server and route all of your remote traffic out through the Mullvad connection while routing any local traffic to your homelab. Essentially you’d be:

Phone → HomeServer → Mullvad

  1. Wireguard from Phone to Home Server
  2. Home Server to Mullvad

You’d need to allow your home lab server to forward traffic, essentially acting as a router.

I’m very interested in this set-up. I have set-up Wireguard, and Tailscale / Mullvad is an option for me as well. Right now, I’m using Umbrel to self-host, so I’m not sure how to connect my home server to Mullvad. Maybe this is something I have to do on a NAS once I get one.

I really don’t like that i cant pay with crypto for tailscale. They say its not a priority but mullvad’s point depends on this for my theat model.

Tailscale is user-friendly and simple to set up. Personally, I prefer minimizing third-party dependencies for basic tunnel setups and enjoy a deeper understanding of the configuration process. Configuring a WireGuard client on a Linux server is straightforward. While the Mullvad GUI client might work well, you can generate a WireGuard configuration from Mullvad and manually configure it on your server:

Or use your router to handle this logic.

On OpenWRT, you can use Policy Based Routing to accomplish this. It’s not as flexible as using the Mullvad app directly, but it does allow you to connect to your home server will still having outbound traffic in Mullvad. Expect performance penalties for doing so.

Yes, this logic makes great sense in your router, as long as the router is well suited to handle multiple VPN cryptography operations with ease.

I’ve used this set up for quite some time with little latency impact for general web browsing, streaming, and even real-time video. If you have enough resources to handle multiple crypto tunnels and do not typically travel far from your home lab, I’ve found the latency overhead to be completely acceptable and usually unnoticeable. I imagine if you’re far from your home lab, you’ll see noticeably more latency.

edit: grammar

…and obviously you need a good reliable connection to your home lab with strong upload speeds