Softether vpn or OpenVPN in fttl config built into my synology.
I easily max out my house upload at 115mbit
Seems easiest to deploy the cert and login for my servers with motivations of logins but that’s it.
I don’t forward the portals login at all.
I run nginx proxy manager in a Synology VM. I don’t want to use the Synology reverse proxy partly because it gives away what it is, and also because it’s not very configurable as far as Locations go etc. The proxy manager gives me access to a couple services like Synology Drive without a VPN. But you need a VPN to get to DSM.
Best way to loose your data to ransomware.
I do literally nothing without the VPN, zero exposed ports or connections are allowed into my network.
tailscale can be your new best friend, if you want it to. use it myself and couldnt be happier. pretty easy to setup compared to vanilla wireguard. its free too
QuickConnect but only expose certain folders. If you live in the US you should also lock it to all connections from outside the US.
Reverse proxy with MFA/SSO for anything that needs access externally (Plex/Overseerr/Home Assistant/DSM), VPN for anything that shouldn’b be accessed externally (Portainer/Unifi/SSH).
Not even a tiny chance
Cloudflare tunnels for me
No. Using WireGuard VPN to access not only NAS but anything at home.
I would of I could but I’m behind double Nat and can’t access the buildings Roger to port forwarding.
Use synology with tailscale. It’s perfect for this. I also have mine opened via a nginx reverse proxy and authelia 2FA, but this is not recommended for risk, and highly complex.
maybe you can help me:
I just opened 5001, 443 and 80 in order to access my NAS via DDNS/WebDAV.
Tailscale and OpenVPN were not an option since I need to be able to access the NAS from different clients, different networks.
what would be another recommended layer of security? I am not yet familiar with cloudflare or zero tier. u/bassguybass?
I did some basic stuff like no admin/guest Acc, proper firewall settings, MFA etc…
Second this. No need to fiddle with OpenVPN and even works through double router. Safer than quickconnect I believe.
Same here. Tailscale is free and easy to configure. No need to expose your IP.
How does it compare to quickconnect, speed wise?
You can use Cloudflare ZeroTrust to expose network hosts/subnets as well, so you do not need tailscale to achieve that 
Does Tailscale work if your ISP doesn’t provide an externally addressable IP or blocks all incoming requests? I know someone that used a VPN with their old ISP but can’t with their new ISP because of this.
Currently doing that with wire guard, but really want a seamless experience.
How does the vps works in this scenario?
And how fast is quickconnect these days?