  • Yes, setting them up like that might be possible.

    The point that puzzles me is how I would be able to set up the home server so that it only ever connects to the internet over the VPN link, but it can also still be accessed freely from my local network.

    I sense the difficulty will be that I would need to put the home server on a separate subnet that is used by the DD-WRT, but I would also need to be able to selectively route specific LAN traffic to the home server.

    An "I don't really know what I am doing" gif would be appropriate at this point.

  • Depends on your home server - what is it?
    I spent several hours over the weekend setting up a FreeNAS jail to run over VPN for all external connections while still allowing internal connections. It needed a basic set of rules for the firewall (i.e. allow all packets over the VPN, allow packets to the VPN DNS server over the ethernet, allow packets from 192.168.0.1/24 over the ethernet interface, drop everything else) and it may be that the DNS requests, while going to a safe server, can be intercepted. This also acts as a kill switch (I think): nothing other than the exceptions can go out over the normal connection.
    However, if your home server is a little all-in-one NAS like a Synology, etc., then you may not have that option - why not do as @hippy suggests?

  • It's a little headless Linux box running Arch Linux so I can fiddle with it.

    Happy to try to learn my way around 'iptables'.

    What you have done sounds similar to what I want to do.
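
The rule set described in the FreeNAS reply above, written for a Linux box with iptables; this is an added example, not code posted by anyone in the thread. Assumptions: the interface names, the 203.0.113.x addresses and UDP port 1194 are constructed placeholders, and the loopback rules, the rule for the VPN server endpoint (needed to bring the tunnel up) and the established-only inbound rule on the tunnel go beyond what the reply lists.

```shell
#!/bin/sh
# Added example: VPN kill switch as an iptables-restore ruleset (IPv4 only).
# Every default below is a constructed placeholder; substitute your own.
VPN_IF="${VPN_IF:-tun0}"              # tunnel interface (assumed name)
LAN_IF="${LAN_IF:-eth0}"              # ethernet interface (assumed name)
LAN_NET="${LAN_NET:-192.168.0.0/24}"  # local subnet allowed to reach the box
VPN_DNS="${VPN_DNS:-203.0.113.53}"    # VPN provider DNS (documentation address)
VPN_SRV="${VPN_SRV:-203.0.113.10}"    # VPN server endpoint (documentation address)
VPN_PORT="${VPN_PORT:-1194}"          # assumed UDP tunnel port

killswitch_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o $VPN_IF -j ACCEPT
-A INPUT -i $VPN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $LAN_IF -s $LAN_NET -j ACCEPT
-A OUTPUT -o $LAN_IF -d $LAN_NET -j ACCEPT
-A OUTPUT -o $LAN_IF -d $VPN_DNS -p udp --dport 53 -j ACCEPT
-A OUTPUT -o $LAN_IF -d $VPN_SRV -p udp --dport $VPN_PORT -j ACCEPT
-A INPUT -i $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Reads a ruleset on stdin and prints every OUTPUT rule on the LAN interface
# that has no destination match: any such rule lets traffic bypass the tunnel.
unrestricted_lan_egress() {
    grep -- "^-A OUTPUT -o $LAN_IF " | grep -v -- ' -d ' || true
}

# Applies the ruleset only when asked to, and only if the check comes back clean.
if [ "${1:-}" = "apply" ]; then
    if [ -n "$(killswitch_rules | unrestricted_lan_egress)" ]; then
        echo "refusing to apply: unrestricted LAN egress rule" >&2
        exit 1
    fi
    killswitch_rules | iptables-restore
fi
```

Run with `apply` as root to load the rules. They cover IPv4 only, so IPv6 needs an equivalent `ip6tables` policy or it will leave over the ethernet interface.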
