I have a NAS where I have a Plex server and also a safeguard VPN configured. To access my plex from outside I need to forward/open a port in my router, I know this imply some degree of risk. Checking in internet I read I should use a VPN to avoid the risks. Here is my question, yes I know connecting to my Plex from outside using the VPN client in my phone will encrypt the data so nobody can understand what I am sending or receiving, but as far as I understand it this has nothing to do with the open port in the router needed to make my plex server to work, using VPN will not avoid the need to open a port in my router and also will not decrease in any form the risk of an open port. Am I misunderstanding something?
Opening port 32400 lets traffic pass to plex’s servers so you can access it outside of the home. The traffic is/can be proxied by plex itself iirc. So there’s no need for a vpn.
If you go the vpn route, you don’t need to forward port 32400 since the vpn makes it a lan connection
When I configure the wireguard server I need to define the tunnel IPv4 address range, I put there a range diferent from the range of my LAN, so yes if I connect my phone to the vpn it gets a new IP but from this “tunnel” range, not from my LAN range, so my plex client in my phone do not see the plex server in my LAN range. I read somewhere the “tunnel” range should be different from my LAN range. Then they are not in the same range, am I missing something?