I want to protect my home services, so when accessing my domain it goes trough the vps and you only knows its IP (a datacenter IP) but for my friends and family I don't need this protection so they are accessing my home with a VPN connection and btw they are using the vps to make requests and so protect their privacy.
The simple solution (since my services are publicly available), would be to route all traffic coming from my friends trough my home and then through the vps. But I don't like this idea since it would add a lot of latency and useless traffic since the client is already going trough my home...
So my question is how could I route directly to the client the local services and let go through the vps the rest of the traffic?
The request from client for local services goes trough the first VPN and are resolved in my home and then comeback.
The request from client to outside services goes trought my home with the first VPN, are resolved here and then go to the internet trough the second VPN and then comeback to the client
This is not what I exactly want to do.
Requests to my home services are protected by not going directly to my home and rather going trough VPS, but since I know my friends I can let them go directly to my home without at any time go trough the VPS (expect to make up the out request).
Yeah that's what I was thinking thank you.
But how can I restrict the access of my local network to my friends and family connecting to the VPN provided (is tailscale something to consider?)
Didn't know if I explained it bad, but it's not exactly what I want to do.
All the request goes trough my home (since people are VPNed to it), if they are requesting outside stuff it goes trough the VPS using VPN connection.
But they request inside services it should go directly to them.
Basically I want to know a way of routing everything trough VPS (basically a wire guard connection) but home services to avoid doing a useless journey to the internet
I know but don't think you could find them there. The only way of getting good ones is surely to buy some that seems reputable (aka not amazon shit) and test them in labs (maybe someone already done that and that Faraday bags recommandations exist online)
Try to find a custom build by the community