Open Source Solutions for VPNs over CGNAT: P2P Alternatives
Keywords:
VPN, CGNAT, redes P2P, open sourceAbstract
The increasing use of Carrier-Grade NAT (CGNAT) by Internet providers has limited the ability of users to remotely and securely access their devices and private networks. Conventional VPNs such as OpenVPN and Wire-Guard have been used for this purpose, but require technical configurations and, in many cases, a static public IP. This study explores open source solutions that enable secure connectivity without the need for a public IP, focusing on ZeroTier and Tailscale, two technologies based on P2P networks that facilitate connection through CGNAT using NAT traversal. ZeroTier combined with NGINX as a reverse proxy to expose internal services is implemented and evaluated, as well as Tailscale in its P2P configuration without a central server. Both solutions are compared, providing a clear view on their viability as affordable alternatives to traditional VPNs. Finally, the development of a self-hosted solution based on Nebula is proposed, offering a flexible and fully decentralized option. The study aims to provide the end user with simple and effective solutions to securely connect to their private network without relying on public IP addresses or technical configurations.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Valentín Torassa Colombero, Santiago Roatta, María Eugenia Casco
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Acorde a estos términos, el material se puede compartir (copiar y redistribuir en cualquier medio o formato) y adaptar (remezclar, transformar y crear a partir del material otra obra), siempre que a) se cite la autoría y la fuente original de su publicación (revista y URL de la obra), b) no se use para fines comerciales y c) se mantengan los mismos términos de la licencia.
