-
Notifications
You must be signed in to change notification settings - Fork 19
Accessing Home LAN via NordVPN Meshnet
If you found this guide helpful and are feeling extra appreciative, consider supporting the channel:
- Donate me a KO-FI: https://www.ko-fi.com/kltechvideos
- Follow on X (Twitter): https://x.com/kltechvideos (Help me beat the algorithm! 😂)
- Subscribe on YT (YouTube): https://www.youtube.com/@kltechvideos
- Checkout the Blog for more cool projects!: https://blog.kltechvideos.co.uk
- Don't forget to let me know what content you are watching or reading on my socials!
This guide outlines how to configure a Linux server as a Meshnet hub, allowing remote devices (phones, tablets, or laptops) to access local services securely.
Download and install the NordVPN client for your Linux distribution. Follow the official documentation for specific repository setup:
- Official Guide: [Installing NordVPN on Linux](https://support.nordvpn.com/hc/en-us/articles/20196094470929-Installing-NordVPN-on-Linux-distributions#h_01JV47D97QWE4BNN1Y7PKSJARC)
Log in to your account using a service token. This is the preferred method for headless servers or remote CLI setups.
- Generate Token: You can get your token from your NordVPN account online under the Access token menu located under NordVPN.
- Direct Link: [NordVPN Access Tokens Dashboard](https://my.nordaccount.com/dashboard/nordvpn/access-tokens/)
nordvpn login --token <YOUR_TOKEN_HERE>You do not need to enable the standard VPN connection on the server. Instead, activate Meshnet as a standalone feature.
nordvpn set meshnet onFind the Meshnet IP address assigned to your server. This address is static within your Meshnet and used for routing.
nordvpn meshnet peer listNote: 💡 Your server is typically listed at the top. Note down the IP and the Hostname (e.g.,
keithaglewis-pyrenees.nord).
To use custom domains (e.g., app.mydomain.com) over Meshnet:
- Reverse Proxy: Point your Nginx Proxy Manager (NPM) or similar proxy to your local service ports.
-
DNS Rewrite: In AdGuard Home or your preferred DNS manager, create a wildcard rewrite:
-
Pattern:
*.mydomain.com - Target IP: The Meshnet IP address of your server (from Step 4).
-
Pattern:
Grant permission to your remote device (phone/tablet) to reach your home LAN. The remote device must be logged in and connected to Meshnet first.
Identify the peer name from the list in Step 4 and run:
nordvpn meshnet peer local allow <peer-hostname>Example:
nordvpn meshnet peer local allow keithaglewis-pyrenees.nord
To properly resolve your home domains and access the LAN, follow these steps on your phone or tablet:
-
Set Custom DNS:
- Open the NordVPN App.
- Tap the Profile option (user icon inside a circle).
- Tap DNS ➔ Use Custom DNS.
- Enter the Meshnet Server IP you noted in Step 4 and Save.
-
Activate Meshnet:
- Go to the Products page in the app.
- Tap Meshnet and toggle it On.
-
Connect VPN:
- Go to the primary page and connect the NordVPN app to any VPN server.
-
Access Your Apps:
- You can now use your home domains (if set up in Step 5).
- Alternatively, enter the Meshnet IP of your server followed by the port (e.g.,
100.79.5.76:8096).
- Re-verify: If after these steps you cannot access your services, go through them again to ensure no command was missed.
- Firewall Rules: Your home network or server firewall may be blocking the connection. You may need to provide your Meshnet Server IP access or the Server’s Local IP.
- Traffic Translation: Be aware that traffic from Meshnet devices inside your network may be translated as your Server’s IP (common with services like Jellyfin). Ensure your app settings allow connections from that specific IP.
After configuration, run nordvpn meshnet peer list to verify the status of your peers:
| Field | Requirement | Status |
|---|---|---|
| Status | connected |
🟢 |
| Allow Local Network Access | enabled |
✅ |
| Allow Incoming Traffic | enabled |
✅ |