Accessing QNAP from outside home after deadbolt - VPN options

I was hit by Deadbolt and lost so much that I sold one of my QNAPs.

I was about to sell the other one recently, but while cleaning it up I decided to set up Plex with my old iTunes music library…and got hooked! Now I want to be able to access it while out and about.

My thinking is that QNAPs are always going to be at risk of attack, so running a VPN on the QNAP isn’t wise.

Would it make sense to get a trustworthy router that I can VPN into, and then access the QNAP once I’m “on” my home network?
That way I let the router handle the VPN/security, using wireguard or something, and let the QNAP do files etc?

I just set up a RaspberryPi with a VPN on it and use that

Yes get either a router that supports WireGuard or buy a small pc for 50$ and install Linux on it and install WireGuard and just open this one port. I run 3 qnaps for more than 10 years never got hit by any security issues as I have them not accessible from the internet without VPN.

Look into tailscale it’s supposed to be easy set up and secure.

Maybe use Jellyfin over plex. It’s free and I like it a bunch more

And use tinymediamanager to scrape the metadata

I use OpenVPN and it works great.

If devices such as roku or chromecast running plex want to connect, how does that work?

I have an old 2012 mac mini at home running the latest Debian and a wireguard server among other things. I connect from anywhere to my home, directly, and then I get access to my NAS and lots of other things like my other computers, camera system and lights too

Wireguard running on Raspberry Pi 4 is very reliable and effective.

While I do like tailscale for simplicity, too often I don’t get good speed. It’s usually max 2MBps, but most of the time like 500kbps. I’ll try WireGuard soon enough to try to get better speed.

Plex with remote access can be setup in different ways

- Direct install via QPKG and with port forward (maybe change the incoming port) of ONLY the Plex port (banking on Plex’s better security track record)
- Install of Plex via Container or VM (hopefully traps successful attackers in that virtual environment) with port forward
- Install Plex as above but via relay function (free 1Mbit\s|Pass 2Mbit\s) no port forward
- Install Plex as above but with clients that either support VPN connections or are in a network that can establish tunnels to a Plex server via split tunnelling (e.g. Asus Merlin FW) no port forward

Are you direct connecting or going through a derp relay. This explains why it has a effect on speed

I remember that it’s relayed always, but I didn’t get into too much details. I do access qnap and personal server through tailscale but because of the speed I don’t transfer files. I’ll definitely check out your link, I need to go abroad soon so it will help to have backups and some other things available Thanks!

And to be honest, I didn’t pay that much with any of that, just tried the speeds with iPerf. I’d probably be too lazy to setup WireGuard if it was a bit more complicated