I set up Wireguard on my phone, server, and computer to let my phone access my home network when I’m outside of it.

It works for the most part, but the inconvenient thing is that on Android you can only have 1 VPN running at a time. I want to use Mullvad VPN for the rest of my network connections for privacy.

I could make a single Wireguard config that defines 2 peers to connect to mullvad and my home VPN at the same time, but by doing this, I lock myself to a single server without the benefits of being able to swap servers at the same time.

Locking myself to a single mullvad server results in:

  • less privacy, since my IP is more static
  • inability to switch to bypass a VPN block

On desktop, I can have multiple wireguard VPNs at once, but if I have both running at the same time, then my LAN is accessed over the home VPN which is routed through Mullvad VPN. It goes

Computer -> Mullvad server -> Home VPN -> Home server

which is pretty wasteful.

Additionally, I’d prefer not to not do something like: Phone -> Home VPN -> Mullvad server -> destination, as my upload speed is pretty bad and this would throttle every non-local connection

What options do I have?

  • Vanilla_PuddinFudge@infosec.pubEnglish
    12·
    1 day ago

    “WG Tunnel” on f-droid lets you define a config/native for either mobile or wifi, whichever you want.

    two configs on both? It does that. A config on one and nothing on the other? It does that. It swaps whenever your phone moves from mobile to wifi or vice versa.

    if neither is selected, it considers it “both”.

    • NarrativeBear@lemmy.worldEnglish
      1·
      2 hours ago

      Thank you! I have been wanting this and had no clue it already existed!

      Now if only it were possible to have a VPN active on wireless Android Auto.

    • Xylight@lemdro.idOPEnglish
      5·
      1 day ago

      If it turns on with mobile data automatically, that turns off my Mullvad VPN.

      • Vanilla_PuddinFudge@infosec.pubEnglish
        3·
        22 hours ago

        The tailscale method, bake it yourself. It’s all routing-based.

        If you have a remote VPS and a home wireguard server and both are connected, then you have a remote connection outside of your home network. Make it a transit router. Then you’ll have your mesh and your VPN all in one, even if it’s still just all you.

        Go a step further and connect mullvad to the vps and do a little routing work.

        As for what routing work specifically, I couldn’t begin to tell you. Ai and some search-engine-fu might be necessary.

        Here’s a (similar) example, even if he’s doing it backwards to my suggestion:

        https://superuser.com/questions/1776851/routing-wireguard-peers-traffic-via-another-peer