Blogs
  • README
  • Its Right There
  • Obsidian iOS sync with a Dev's touch
  • Remote Home Lab: A Journey into Secure, Smart Networking
Powered by GitBook
On this page
  • The Backbone of My Home Lab
  • Security
  • A Network Built for Boundaries
  • Secure Pipes: VPN & Encryption
  • Intrusion Detection: My Digital Watchdog
  • Usecases
  • Use Case 1: Remote Compute & Cloud Storage from Anywhere
  • Use Case 2: My Personal Cloud Gaming Rig
  • Use Case 3: Hosting My Own Services (Because Why Not?)
  • Mistakes & Learnings
  • The Wake-Up Call: Threats from the Internet
  • Final Thoughts

Remote Home Lab: A Journey into Secure, Smart Networking

Like many tech enthusiasts, I’ve always loved building things—from gaming rigs to blinking IoT LED lights. But over the years, I started craving something more cohesive, something I could access from anywhere in the world while still keeping my digital life safe and efficient. That’s when I decided to go all-in on a remote home lab setup. Here’s the story of how it all came together—and how I secured it.

The Backbone of My Home Lab

My lab isn’t housed in a corporate server room or a data center. It lives right at home, powered by a few solid machines:

A Dell T7810 “Chia Farming” workstation that now serves as my virtualization server. Specs:

  • 2x Intel Xeon E5-2690 v4 (28 cores / 56 threads total, up to 3.5GHz)

  • 128GB DDR4 ECC RAM

  • NVIDIA Quadro K620 2GB

  • (No HDD/OS originally—it now runs Proxmox VE)

Then there’s my Alienware laptop, which pulls double duty as my daily driver and cloud gaming rig. Specs:

  • 12th Gen Intel Core i7-12700H (2.3GHz)

  • 32GB DDR5 RAM

  • 6GB Nvidia Geforce RTX 3060

A Raspberry Pi 4, This little guy runs a personal website and acts as a remote command center for things like Wake-on-LAN. It’s small, silent, and endlessly versatile.

At the center of it all is my Unifi Dream Machine (UDM), which acts as a cloud-managed gateway and allows me to segment and secure my network with precision.

Security

A Network Built for Boundaries

To bring order to the chaos of devices, I’ve carved out four distinct VLANs using the UDM:

  1. Home – Reserved for my daily drivers like the Alienware laptop and my iPhone.

  2. Servers – Where my Proxmox server and Raspberry Pi live.

  3. IoT – All my smart home gear goes here, safely isolated from sensitive devices.

  4. Guests – A sandbox for visitors, because no one wants mystery malware creeping into their core network.

This separation not only keeps traffic isolated but also enforces a sense of control that makes debugging and security so much easier.

Secure Pipes: VPN & Encryption

Security is non-negotiable. I use OpenVPN to encrypt traffic from both the Home and Servers networks back to the Dream Machine. This ensures that even if I’m sipping coffee halfway across the world, my data travels through an encrypted tunnel right back to my lab.

And for remote access? I leverage Teleport VPN, which is baked into the Dream Machine. It allows me to connect back to any service hosted at home—whether it’s a VM I spun up or my web server on the Pi—with just a tap.

Intrusion Detection: My Digital Watchdog

One of the coolest features of the Dream Machine is its built-in IDS (Intrusion Detection System). It’s like having a 24/7 security guard monitoring all traffic. I get alerts for any suspicious attempts to access my IP, which has proven incredibly useful (more on that in a minute).

Usecases

Use Case 1: Remote Compute & Cloud Storage from Anywhere

I travel a lot—tech conferences, vacations, the occasional work trip—and I like to travel light. But sometimes, I need serious horsepower and secure access to my files. That’s where my server truly shines.

Running Proxmox, it gives me the flexibility to spin up virtual machines on demand. Whether it's a quick Linux sandbox, a full dev environment with Docker and Kubernetes, or a disposable test box, it’s all just a few clicks (or commands) away.

On top of that, I’ve set up Nextcloud on the server to host my own private cloud storage. It’s my personal alternative to Dropbox or Google Drive—fully under my control. I can access files, share documents, and even sync photos across devices, all through a sleek web interface or mobile app.

And thanks to my secure VPN, I can reach my VMs and Nextcloud instance from anywhere—whether I’m working from a noisy airport lounge or relaxing on my couch at home.

To save power and extend hardware life, I don’t keep my server running 24/7 either. My Raspberry Pi helps with that too.

When I need to fire up the server remotely, I send a Wake-on-LAN (WOL) packet through the Pi. It pings the router, which tells the Dell server to rise from sleep. It’s like a digital butler bringing the system to life.

Use Case 2: My Personal Cloud Gaming Rig

I love gaming, and I refuse to pay for cloud streaming services when I already own powerful hardware and the games themselves.

So, I set up my Alienware laptop as a remote gaming server. The twist? It doesn’t stay on 24/7. That would be a waste of power (and not great for the hardware). Instead, I’ve engineered a clever workaround using Wake on AC.

The laptop’s charger is connected to a smart plug. When I’m remote, I connect via VPN, send a command to the smart plug to turn on, and voilà—power flows, the laptop boots, and I’m ready to game from anywhere.

Use Case 3: Hosting My Own Services (Because Why Not?)

My Raspberry Pi 4 might be small, but it pulls a lot of weight in my setup. Originally, it started out hosting a simple personal website—just for fun, no hosting fees, and total control.

But it’s evolved into something more.

Today, the Pi runs multiple services:

  • A personal website, served locally but made securely accessible through Cloudflare Tunnels.

  • AdGuard Home, giving me network-wide ad blocking and Pi-hole-style DNS filtering for all devices on my network.

  • Homebridge, which lets me integrate and control my various smart IoT devices (LED lights, plugs, etc.) through Apple HomeKit—even if the devices themselves don’t officially support it.

All of this runs quietly on the Pi, with minimal power consumption and full remote access thanks to my VPN and zero-trust tunnel setup.

But early on, this turned into a surprising learning moment.

Mistakes & Learnings

The Wake-Up Call: Threats from the Internet

When I first hosted the site, I naively forwarded a port on my router. That’s when the IDS/IPS on my Dream Machine lit up like a Christmas tree & blocked a lot of traffic. I started seeing repeated ping requests from places like Russia and China—scanning, poking in.

That’s when I discovered Cloudflare Zero Trust and Argo Tunnels. Game-changer.

Now, instead of exposing my IP, I create a secure tunnel from Cloudflare directly to my Raspberry Pi. I get:

  • HTTPS by default

  • DDoS protection

  • No public IP exposure

  • And best of all—peace of mind

Final Thoughts

This home lab has been more than just a playground—it’s a personalized, secure, and scalable environment that supports my work, hobbies, and curiosity. From gaming to remote compute to hosting a site, it’s all done on my terms.

If you’re thinking about setting up your own home lab, my advice is simple: Start with what you have, think in layers, and always assume the internet is watching—because it is.

PreviousObsidian iOS sync with a Dev's touch

Last updated 11 days ago

(Curious about how the gaming setup works? Check out this basic guide: )

https://www.canva.com/design/DAGnFg0nuoU/HLJUsaXJmiFDDIlQrPE57g/view?utlId=hfed7c0f58c