I am using OpenVPN on a router at my home. I have Comcast for my ISP. When I am traveling, I connect to this VPN for security, but more importantly, to access computers and hard drives at home. My understanding of cellular for ISP is that the public IP address is constantly changing and therefore not possible to have a home VPN, which requires a fixed public IP address. Am I correct? Thanks.
Yes, it’s possible. Unless is much cheaper than Comcast, perhaps just leave as is.
You likely need to use a 3rd party service/app that allows your dynamic IP to function like it was fixed.
If you run a vpnserver at home you would have a static external IP address.
You could then remote VPN to that home vpnserver
I use this.
You can do this and keep it in the OpenVPN family. You will need to build a tunnel out to a destination from the home and then connect there. OpenVPN has a cloud service called Connexa and it works great. It is free for up to 3 connections and the house would count as one.
I use a vpn on our home internet now and then we I need open ports to the internet back to local devices. The tmobile IP address changing doesn’t matter since you will get your own on the vpn. You can buy a static IP address with some VPNs or use a DDNS to connect back to your home devices.
I just got my Wireguard (using PiVPN on my pi3b+) working last weekend. I already technically had a VPN working use the Unifi Teleport but it only works on mobile devices.
I did find it a bit slow at times, but for my purpose it did it’s job.
I can VPN into my home network using T-Mobile 5G Business Internet with a static IP address. I enabled IP Passthrough on the T-Mobile router so my downstream router has the public IP on it’s WAN port.
I think you can achieve this with Tailscale, setting a Tailscale device on your home network as an exit node.
I recall experimenting with this a ways back with TMHI, though I don’t use Tailscale myself at this point.
Tailscale and subnet routing. Can run on anything, basically, even a raspberry pi.
You can even run it on an Apple TV. Install Tailscale on an Apple TV · Tailscale Docs
I’ve done this with tmo home internet before, and other use cases for the past 5 years.
I had TMHI at my parents’ old home and used Zerotier - worked seamlessly, I was just going device to device. The router I had in place did support it and I had a connection to the router as well, but never bothered with setting up routing because there was only one device on the network to connect to.
With cellular or Starlink, the issue isn’t your WAN IP that is changing. The issue is them using CGNAT, which essentially means you have 2 layers of NAT so that your router WAN IP is not Internet accessible from the outside. With Comcast, you have a dynamic public IP that may infrequently change, but can change, but is Internet accessible public facing. Services like NoIP let you have a domain that is tied to a service on your router that keeps updated whenever your dynamic WAN IP changes, so you can make inbound VPN connections with OpenVPN.
With cellular TMHI, not only can your WAN IP change, but it isn’t publicly accessible due to CGNAT. So you need something on your firewall/router that establishes your VPN connection outbound through the CGNAT layers. Tailscale is a good option that I’m using with PFSense router/Firewall and both Comcast and Starlink.
Thank you! Comcast with cable TV, phone, and internet has gotten very expensive. In January of this year, everything increased 30% and I got notified that this January there will be another price increase. So, I am looking for ways to economize. I no longer need a landline with my T-Mobile cell phones and tmobileisp is much cheaper than Comcast. So, I am thinking of just doing cable TV with Comcast, internet and my cell phone with T-Mobile.
Sorry, I’m not sure what “DNM” means.
Thanks for this information.
Thanks. Just using my T-Mobile cell phone I am getting double or more the download speeds than what I get with Comcast. However, upload speeds, which are important for a home VPN, are half of what I get with Comcast. T-Mobile: 10-11 Mbps; Comcast: 23-24 Mbps. So, the upload speed that I might get with a T-Mobile router concerns me.
This.
Tailscale handles the dynamic IP and such and runs on the wireguard protocol making it much faster than OpenVPN.
Subnets allow you to connect to anything inside your home network while running tailscale on a single device inside the home.
And if you need the functionality there’s also exit nodes.
Thanks. I also use ZeroTier, which works great.
Thank you for this explanation. I have used NoIP, but Comcast has gone years without changing my public IP address. Since I use pfSense for OpenVPN, I have some learning to do on how Tailscale, which looks great by the way, is used with pfSense.