I've been investigating a little different direction with this so I will post the idea here and if there is interest, I will send an updated document to Scott to post in his FAQ.
The original method we chose to run our last distributed 'N3FJP Network' had some security flaws. Essentially, it allowed completely in-the-clear traffic over the internet to a port on a home 'N3FJP Network Server' and there was no authentication at all, so it was open to any and everyone. I was an IT Security professional in a previous life and understand the consequences of this. Scott investigated an idea with another security professional that protected the port with a VPN. Although I didn't try Scott's method, I could see that with the computer skills of *our* average member, that this would not be practical.
I have investigated and am testing a project called 'PIVPN' that creates a OpenVPN endpoint on a $35 Raspberry PI with a couple of commands. The one RPi is the only new hardware needed. The location with the RPi VPN Endpoint would host the N3FJP running the Network Server. The other distributed users still use W10 and need to install a small free software package, and import a file, then their PCs show up on the home network of the N3FJP Network server as if they were physically present.
You still need a fairly smart guy to setup the Raspberry PI and make a change to the router, but there is an excellent YouTube video for setting it up as well as how to set up the clients. The W10 client is simple and doesn't require any command-line interaction. After setting it up, you click to connect, and click to disconnect. The complexity is in the small file that you distribute to the user. It is generated for you by the RPi software. The end users click to import to get running.
The steps for W10 users are as follows:
1) Download OpenVPN W10 client from the OpenVPN Community website. It's free.
2) Install the client. It will error complaining of no credentials.
3) Right-click the icon and import the credentials file.
4) Right-click the icon, enter the password, and connect.
5) Run N3FJP Network as if it is on your private local network.
If you are interested, here is the YouTube video: https://www.youtube.com/watch?v=15VjDVCISj0&t=1094s
Starts with Installing PIVPN. Installing OpenVPN Client on W10 is at 20:00
Link to PIVPN VPN Endpoint: https://pivpn.io The cut-and-paste command to install is prominently displayed at the top of the page.
Link to OpenVPN W10 Community Client: https://openvpn.net/community-downloads/ Choose the bottom most 'Orange Balloon' to download.
Let me know if there is interest for a FAQ document.
Ken - K4EES