From b7e0ae3980f1bfc2713a53bc963a598673202e9a Mon Sep 17 00:00:00 2001
From: TC1977 <37350377+TC1977@users.noreply.github.com>
Date: Sun, 27 Oct 2019 13:30:13 -0400
Subject: [PATCH] road warrior instructions

---
 docs/deploy-to-ubuntu.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/docs/deploy-to-ubuntu.md b/docs/deploy-to-ubuntu.md
index 500b8d6..60bfe6c 100644
--- a/docs/deploy-to-ubuntu.md
+++ b/docs/deploy-to-ubuntu.md
@@ -8,4 +8,11 @@ Install to existing Ubuntu 18.04 or 19.04 server (Advanced)
 ```
 Make sure your target server is running an unmodified copy of the operating system version specified. The target can be the same system where you've installed the Algo scripts, or a remote system that you are able to access as root via SSH without needing to enter the SSH key passphrase (such as when using `ssh-agent`).
 
+# Road Warrior setup
+
+Some may find it useful to set up an Algo server on an Ubuntu box on your home LAN, with the intention of being able to securely access your LAN and any resources on it when you're traveling elsewhere (the ["road warrior" setup](https://en.wikipedia.org/wiki/Road_warrior_(computing))). A few tips if you're doing so:
+- Make sure you redirect any relevant incoming ports (UDP/500, UDP/4500, and UDP/51820) to the Algo server from your router;
+- Change `BetweenClients_DROP` in `config.cfg` to `false`, and also consider changing `block_smb` and `block_netbios` to `false`;
+- If you want to use a DNS server on your LAN to resolve local domain names properly (e.g. a Pi-hole), set the `dns_encryption` flag in `config.cfg` to `false`, and change `dns_servers` to the local DNS server IP (i.e. `192.168.1.2`).
+
 **PLEASE NOTE**: Algo is intended for use to create a _dedicated_ VPN server. No uninstallation option is provided. If you install Algo on an existing server any existing services might break. In particular, the firewall rules will be overwritten. See [AlgoVPN and Firewalls](/docs/firewalls.md) for more information.