I have a vacation home with an OpenWRT router behind a LTE modem (CGNat) and I would like to access the network from outside, preferably through VPN (Wireguard) but I cannot duckdns the dynamic IP address as it is behind CGNat.
Which is the cleanest way to achieve this? I discard the use of an intermediate VPS server. Maybe open a SSH tunnel to a router accesible from outside? How would it be the procedure?
Thanks in advance.
Draytek devices have a thing called VPN Matcher. It can allow you to vpn in to device behind a cgnat connection.
Some operators (at least mine) gives the possibility to sett a different APN on the LTE modem, and this will give you a real public IP. That said, using a tunneling solution can provide better security.
If you want to keep it in house, Mikrotik does a $100 LTE now.
Then in that lte router, you can set up wireguard.
You’ll need to buy a VPS for a few $ a month. Set up wireguard on that, then you can do anything you want.