Setup vpn edgerouter x — this quick-start guide gives you a practical, step-by-step path to getting a VPN up and running on your EdgeRouter X. If you’re new to routers or swapping from a consumer-grade device, you’ll find simple, actionable steps that don’t require deep networking jargon. Here’s a compact overview of what we’ll cover:

• Quick setup steps to enable VPN on EdgeRouter X
• VPN types you can run IPsec, OpenVPN, and WireGuard when supported
• How to configure firewall rules, NAT, and routing for VPN traffic
• Common pitfalls and how to troubleshoot them
• A FAQ with real-world questions from users like you
  Useful URLs and Resources text only, not clickable: EdgeRouter X official docs – ubnt.com, OpenVPN project – openvpn.net, WireGuard – wireguard.com, IPsec overview – en.wikipedia.org/wiki/IPsec, NAT traversal basics – en.wikipedia.org/wiki/Network_Address_Translation

Why you might want a VPN on EdgeRouter X

• Security on every device: A VPN tunnel on your router means every device on your network benefits, even when you’re not actively configuring VPN on individual devices.
• Consistent access: If you travel or work remotely, you can access your home network securely without juggling multiple VPN clients.
• Flexible setups: IPsec is common and interoperable, OpenVPN when supported by firmware or packages offers broad compatibility, and WireGuard is lightweight and fast where available.

Pre-setup checklist

• Determine your VPN type: IPsec, OpenVPN, or WireGuard if your EdgeRouter X firmware supports it or via custom packages.
• Have a static public IP or dynamic DNS setup: VPN peers prefer a stable address.
• Know your network topology: LAN IP range, WAN connection type, and where VPN clients should be placed.
• Update firmware: Ensure you’re on the latest EdgeRouter X firmware for security and features.
• Backup: Save a current configuration before making changes.

Quick-start guide: VPN on EdgeRouter X IPsec focus

IPsec is a reliable, widely supported choice. This section outlines a straightforward path to set up IPsec on EdgeRouter X.

Step 1: Access the router and back up

• Log in to the EdgeRouter X web UI usually at 192.168.1.1 or via SSH.
• Create a backup of your current config in case you need to revert.

Step 2: Configure WAN and LAN basics

• Confirm your WAN IP type static or DHCP and note it.
• Verify your LAN subnet for example, 192.168.1.0/24.

Step 3: Create the IPsec VPN on the EdgeRouter X

• Define the VPN peer your remote client or partner gateway with the public IP.
• Set encryption and authentication methods e.g., AES-256, SHA-256, and a pre-shared key or certificates.
• Configure the IKE version IKEv2 is preferred for modern clients.

Step 4: Create firewall rules and NAT

• Allow IPsec ESP, AH, and IKE ports in your firewall.
• Add a NAT exemption łączenie so VPN traffic isn’t double-NAT’d.
• Ensure VPN subnets don’t conflict with your LAN.

Step 5: Test and refine

• Bring up the VPN client or remote peer and test connectivity to a device on your LAN.
• Verify that traffic routing respects the desired split tunneling or full tunnel behavior.
• Check for DNS leaks and confirm private IPs appear as expected.

Step 6: Security hardening

• Use strong pre-shared keys or certificates.
• Disable unused services on EdgeRouter X.
• Regularly monitor VPN logs for unusual activity.

OpenVPN on EdgeRouter X alternative path

If your firmware supports OpenVPN or you’ve added a compatible package, here’s a practical flow.

Step 1: Prepare server configuration

• Generate server and client certificates if using TLS-based OpenVPN.
• Choose a subnet for VPN clients that doesn’t clash with LAN.

Step 2: Install and enable OpenVPN

• Install the OpenVPN package if your EdgeRouter X variant allows it.
• Create server config, including port, protocol UDP is common, and route settings.

Step 3: User authentication

• Decide between certificate-based or username/password authentication.
• Add user credentials and assign unique client profiles.

Step 4: Firewall and NAT

• Allow the OpenVPN port in the firewall.
• Add NAT rules for VPN clients to access the LAN if needed.

Step 5: Client setup

• Export client profiles or config files.
• Import on client devices and verify connectivity to the home network.

WireGuard if supported

WireGuard offers speed and simplicity. If your EdgeRouter X supports it natively, follow these steps.

• Enable WireGuard on the EdgeRouter X.
• Create a server interface with a private/public key pair.
• Define allowed IPs for VPN clients e.g., 10.0.9.0/24 and set keepalive as needed.
• Add peers with their public keys and allowed IP ranges.
• Configure firewall and NAT rules for VPN traffic.
• Distribute client configuration to devices and test.

Firewall rules, NAT, and routing essentials

• Default deny policy: Start with a permissive rule set for testing, then tighten.
• VPN traffic rules: Permit the specific VPN protocol/port you use IKE, ESP, OpenVPN port, WireGuard port.
• NAT exemptions: Ensure VPN traffic to LAN doesn’t get double-NAT’d.
• DNS considerations: Use VPN DNS to prevent leaks or rely on internal DNS if you need local name resolution.
• Split tunneling vs full tunnel: Decide whether all traffic or only VPN-bound traffic should go through the VPN.

Common issues and quick fixes

• VPN connection drops: Check for IP conflicts, keep-alive settings, and MTU mismatches.
• No route to VPN subnet: Confirm firewall/NAT rules and ensure the VPN subnet is allowed in routing.
• DNS leaks: Force VPN DNS servers or disable split tunneling that bypasses VPN DNS.
• Authentication failures: Re-check credentials, certificates, and time synchronization.

Performance and monitoring tips

• Monitor CPU usage: EdgeRouter X is compact; encryption tasks can spike CPU.
• Check VPN throughput: Expect lower speeds on IPsec/OpenVPN than native LAN performance.
• Log review: Regularly scan VPN-related logs for anomalies or misconfigurations.
• Automatic backups: Schedule periodic backups of your VPN config.

Optimization for mixed environments

• Remote work setups: Use IPsec or WireGuard with stable remote endpoints for reliable access.
• Home automation: Keep VPN latency low to maintain responsiveness for smart devices.
• Guest networks: Isolate VPN clients from guest networks to reduce risk.

Security best practices

• Use strong cryptographic settings and rotate keys periodically.
• Disable remote management when not needed.
• Keep firmware updated and monitor for security advisories.
• Implement MFA if OpenVPN or your chosen method supports it.

Real-world example configurations high-level

• Example A: IPsec between EdgeRouter X at home 203.0.113.2 and remote office 198.51.100.5 with a 192.168.10.0/24 VPN subnet.
• Example B: OpenVPN in a small home lab using 10.8.0.0/24 VPN subnet and UDP 1194.
• Example C: WireGuard server on EdgeRouter X with 10.9.0.0/24 and a few peer clients.

Quick reference tables

• Common ports and protocols:

  • IPsec: IKE 500, ESP 50, NAT-T 4500
  • OpenVPN: UDP/TCP 1194 configurable
  • WireGuard: UDP 51820 configurable

• Typical subnets: Purevpn edge review 2026: a comprehensive guide to Purevpn edge features, speed, security, pricing, setup, and comparisons

  • LAN: 192.168.1.0/24
  • VPN: 10.8.0.0/24 OpenVPN or 10.9.0.0/24 WireGuard

Step-by-step checklist concise

1. Update firmware and backup current config
2. Choose VPN type and create server/peer settings
3. Configure firewall rules for VPN traffic
4. Set up NAT exemptions for VPN subnets
5. Create client configurations and test connectivity
6. Verify DNS and routing, adjust as needed
7. Harden security and schedule periodic reviews

Advanced tips

• Use two-factor authentication where supported
• Separate VPN management network from LAN for extra security
• Consider dynamic DNS if you don’t have a static IP
• Document all settings for future maintenance

Troubleshooting quick-start notes

• If VPN won’t start: recheck IP addresses, subnet overlap, and time synchronization
• If clients can connect but can’t access LAN: review route tables and NAT
• If you see high latency: test from multiple client locations, check for MTU issues
• If DNS fails: verify DNS server configuration on VPN server and clients

Frequently Asked Questions

Does EdgeRouter X support OpenVPN natively?

OpenVPN support on EdgeRouter X depends on your firmware and package availability. Some builds include OpenVPN, while others require community packages or alternative methods. Check the official EdgeRouter X documentation for current capabilities.

Can I run multiple VPN types on EdgeRouter X at the same time?

Yes, you can run multiple VPN types if your hardware and firmware support it, but you’ll need to carefully manage firewall rules, routing tables, and NAT. It’s common to run one primary VPN e.g., IPSec and one backup e.g., WireGuard with separate subnets.

How do I choose between IPsec and WireGuard?

IPsec is widely supported and interoperable with many devices, but WireGuard offers simpler configuration and faster performance on modern hardware. If your router firmware supports WireGuard and you aim for speed, prefer WireGuard. If you need broad compatibility, go IPsec.

What is split tunneling, and should I use it?

Split tunneling lets VPN traffic route only specific destinations through the VPN, while other traffic goes directly to the internet. It reduces VPN load and can improve performance, but it may introduce traffic leaks if not configured carefully. Use it if you need local network access while browsing normally. Proxy in edge: the ultimate guide to using proxies with Microsoft Edge for privacy, speed, and security 2026

How can I test my VPN setup quickly?

From a remote device, connect to the VPN and attempt to access a device on your LAN e.g., file server, printer. Use a DNS lookup to confirm you’re resolving internal names via the VPN. Check your public IP to confirm you’re appearing from the VPN network.

What logs should I check after setup?

Look at VPN-specific logs in the EdgeRouter X UI or CLI, firewall logs, and system logs for dropped packets, authentication failures, or routing issues. Regular monitoring helps catch misconfigurations early.

How do I secure my VPN against brute-force attacks?

Use strong authentication certificates or strong pre-shared keys, disable weak ciphers, and enable rate limiting on management interfaces. Regularly rotate credentials and monitor for repeated failed login attempts.

Can VPN clients access the entire home network?

Yes, with proper routing and firewall rules, VPN clients can access devices across the LAN. Decide if you want full-tunnel access all traffic goes through VPN or split tunneling to limit VPN usage.

Do I need a static IP to run a VPN on EdgeRouter X?

A static IP makes remote access simpler, but dynamic DNS can work as a workaround if your public IP changes. If you rely on a static IP, you’ll have a more stable remote endpoint. Proton vpn microsoft edge extension: complete guide to installing, using, and troubleshooting Proton VPN on Microsoft Edge 2026

How often should I update VPN credentials?

Rotate credentials every 6–12 months as a best practice, or sooner if you suspect a security compromise. Keep a log of credential changes for auditing.

Setup vpn edgerouter x to configure a secure site-to-site or remote VPN with EdgeRouter X: step-by-step guide, tips, and best practices

Yes, Setup vpn edgerouter x is possible. This guide gives you a practical, everything-you-need-to-know approach to getting a VPN up on EdgeRouter X, whether you’re aiming for a remote-access setup for individual devices or a site-to-site connection with another gateway. You’ll get a straight-forward walkthrough GUI-first, with CLI options you can reference, practical security tips, troubleshooting steps, and best practices to keep things running smoothly. Plus, if you’re shopping for extra privacy, this NordVPN deal can help you stay protected while you configure and test your VPN setup.

Useful resources to keep handy as you go:

• EdgeRouter X official docs – help.ubnt.com
• OpenVPN official docs – openvpn.net
• IPsec overview and best practices – cisco.com
• Windows VPN setup guide – support.microsoft.com
• macOS VPN setup guide – support.apple.com
• Dynamic DNS options for home networks – dyn.com
• YouTube tutorials on EdgeRouter VPN setup – youtube.com

What is EdgeRouter X and why use VPN on it?

The EdgeRouter X is a compact, power-efficient router that runs EdgeOS, giving you a lot of control over firewall rules, NAT, routing, and VPN features. It’s popular for home labs and small offices because you can unlock robust VPN capabilities without buying a high-end appliance. Key reasons to run a VPN on EdgeRouter X include:

• Centralized access control: manage remote connections, usernames, and permissions in one place.
• Site-to-site flexibility: securely connect multiple networks e.g., home and office over the Internet.
• Fine-grained firewall rules: custom rules that block or permit traffic for VPN clients, with separate zones for VPN and LAN.
• Cost-effective: cheap hardware that’s capable of handling moderate VPN loads when configured correctly.

A few quick notes: Norton vpn encryption: how Norton Secure VPN uses 256-bit AES, OpenVPN, and IKEv2/IPsec to secure your data 2026

• EdgeRouter X supports common VPN technologies such as OpenVPN and IPsec L2TP/IPsec or IKEv2, so you can choose the method that fits your devices and needs.
• Real-world VPN throughput depends on your EdgeRouter X model and firmware, your WAN speed, and the type of VPN you run. Expect lower speeds than pure routing due to encryption overhead, especially on consumer-grade hardware.

VPN options on EdgeRouter X

You’ve got two main routes: OpenVPN for remote access or IPsec for site-to-site and remote access. Each has its own setup style and client compatibility.

OpenVPN remote access server or client mode

Pros:

• Broad client compatibility Windows, macOS, Linux, Android, iOS.
• Easy to restrict access to specific devices.
• Useful when you need a simple remote-access VPN with individual user credentials.

Cons:

• Might require some extra tuning for very high throughput.
• OpenVPN server configuration on EdgeRouter X can be a little less straightforward than IPsec if you’re mixing CLI and GUI.

What this means for you: OpenVPN is a good all-around choice for most home users who want remote access for multiple devices or for a handful of family members.

IPsec L2TP/IPsec or IKEv2

• Native support on most platforms. easy to configure in Windows/macOS and mobile devices. Pia vpn settings guide for privacy, speed, and multi-device setup (iOS, Android, Windows, macOS, routers) 2026

• Strong security with modern ciphers and automatic key management.

• Site-to-site VPN tends to be more efficient for constant, always-on connections.

• IPsec can be trickier to tune for remote access if you need granular user management without additional services.

• Some devices require extra steps to handle DNS or split-tunnel routing correctly.

What this means for you: IPsec is a strong, efficient option for both site-to-site connections and remote access, especially if you want good performance on a small footprint device like EdgeRouter X. Nord vpn für edge: how to use NordVPN with Microsoft Edge and Windows for secure browsing 2026

Step-by-step setup: OpenVPN server on EdgeRouter X GUI

This path is friendly for most users and gives you a clean, guided setup. We’ll go through GUI steps first, then note a quick CLI alternative if you prefer.

1. Prep the network

• Ensure your EdgeRouter X has a stable Internet connection and a local IP range you control for example, 192.168.1.0/24.
• Decide if you’ll use a static public IP or a dynamic DNS name for remote clients.
• If you’re behind a modem or ISP gateway, you may need to forward port 1194 UDP to the EdgeRouter X or configure the gateway in bridge mode.

2. Create the VPN profile OpenVPN

• Log in to the EdgeRouter X web UI usually https://192.168.1.1.
• Go to VPN > OpenVPN > Server.
• Set the server mode to Remote Access this lets individual clients connect.
• Select UDP as the protocol and set the port to 1194 default OpenVPN.
• Define a server network, for example 10.8.0.0/24, which will be the pool for connected clients.
• Choose a DNS option for VPN clients e.g., 1.1.1.1 or your local DNS.
• Create a user or users with a username and password for remote access.
• Enable TLS authentication if you want an extra layer of security you’ll generate a static key to share with clients.

3. Configure firewall rules

• Create a VPN-specific firewall rule that allows UDP 1194 from WAN to the EdgeRouter X VPN server.
• Ensure LAN to VPN traffic is permitted if you want clients to access LAN resources.
• Add or adjust NAT rules so VPN clients can access the Internet through your WAN interface masquerade on the outbound interface.

4. Generate client profiles

• In the EdgeRouter UI, generate and download the client configuration .ovpn for each user.
• Distribute the .ovpn file to users securely. instruct them to import it into their OpenVPN client apps Windows, macOS, Android, iOS.

5. Test locally and remotely

• Connect a client from inside your network to verify VPN functionality first.
• Then test from an external network cellular data or a friend’s Wi-Fi to confirm remote access works through your public IP or DDNS name.

6. Optional CLI steps for more control

• If you prefer CLI, you can mirror GUI settings with EdgeOS commands. For example:
  • set vpn openvpn server 1 mode server
  • set vpn openvpn server 1 protocol udp
  • set vpn openvpn server 1 port 1194
  • set vpn openvpn server 1 local-address 10.8.0.1
  • set vpn openvpn server 1 server-network 10.8.0.0/24
  • set service firewall name VPN-IN default-action accept
  • commit. save

7. Security checks

• Use a strong certificate or TLS-auth key. keep the OpenVPN software up to date.
• Disable admin access from the WAN interface to the EdgeRouter GUI to reduce exposure.
• Consider rotating keys or credentials periodically.

Tips:

• If you’re hosting a lot of clients, you can script client config creation or automate user management.
• For mobile devices with flaky connections, you can tune OpenVPN to use smaller MTU settings to avoid fragmentation.

Step-by-step setup: IPsec remote access L2TP/IPsec on EdgeRouter X

IPsec is a workhorse for many setups and can be more straightforward for remote access on some devices.

1. Prepare your EdgeRouter X

• Confirm you’re on a supported EdgeOS version that includes IPsec remote access features.
• Ensure you have a static public IP or a reliable DDNS hostname.

2. Configure IPsec on EdgeRouter X GUI

• Navigate to VPN > IPsec.
• Set up a remote access VPN L2TP/IPsec profile.
• Create a pre-shared key PSK for authentication or use certificate-based authentication if supported.
• Define the local VPN subnet for example, 192.168.1.0/24 and the remote client IP pool like 10.9.0.0/24.
• Add user credentials for remote access and bind them to the VPN.

3. Firewall and NAT

• Permit the IPsec UDP ports 500 for IKE, 4500 for IKEv2/NAT-T and protocol 50 ESP as required by your EdgeOS version and VPN type.
• Ensure NAT masquerade rules exist so VPN clients can reach the Internet through the EdgeRouter X.

4. Client configuration

• On Windows/macOS/iOS/Android, configure a new L2TP/IPsec VPN using the public IP or DDNS hostname, the PSK, and the user credentials you created.
• Some clients will require you to enable “Always-on VPN” or “VPN Reconnect” to keep the tunnel active through network changes.

5. CLI quick reference optional

• set vpn ipsec site-to-site peer authentication pre-shared-secret ‘‘
• set vpn ipsec site-to-site peer ike-group
• set vpn ipsec site-to-site peer tunnel 1 local prefix 192.168.1.0/24
• commit. save

6. Testing

• Connect from a remote client and verify you can reach internal resources and browse securely.
• Use a service like whatismyip or ipconfig to confirm the VPN tunnel’s IP is in your VPN pool.

7. Security considerations

• Use a strong PSK or, better, a certificate-based setup if possible.
• Limit VPN users to only what’s necessary and review access regularly.
• Turn on logging for IPsec to diagnose issues and monitor for unauthorized access attempts.

Firewall, NAT, and routing tips for VPN on EdgeRouter X

• Use a dedicated firewall group for VPN to keep things organized and reduce risk.
• When you enable a remote-access VPN, you often need to permit traffic between VPN clients and your LAN, so plan your network ranges accordingly.
• For OpenVPN, if you use a client-to-site approach, ensure you push routes to the VPN clients so they can reach specific LAN subnets.
• If you’re using IPsec for site-to-site connections, ensure that the peer is allowed through the firewall and that the correct ports and IP protocols are permitted IKE 500/4500, ESP 50, NAT-T if NAT is in use.
• Consider enabling strict NAT rules for VPN clients by default and only open extra ports if you truly need them.
• Regularly back up EdgeRouter X configuration files so you can recover quickly after a failed update or hardware change.

Testing your VPN connection

• Basic checks: confirm VPN status in the EdgeRouter UI, verify that the tunnel is established, and check the VPN client’s connection status.
• Reachability: from a connected client, try pinging a device on the LAN e.g., a printer or NAS and verify access to internal services.
• Internet access: test a website to confirm you can browse the Internet through the VPN tunnel.
• DNS leaks: verify that DNS requests from the VPN client are resolved by your VPN’s DNS or your home DNS, not a public resolver from the client’s local network.
• Logs: check EdgeOS logs for VPN-related entries if things don’t work as expected. Look for negotiation errors, authentication failures, or routing issues.

Security considerations and best practices

• Use strong credentials: long usernames and strong passwords for VPN accounts, and prefer certificate-based trust where possible.
• Rotate credentials and keys regularly, especially if you suspect a credential leak.
• Update EdgeRouter X firmware promptly to patch known vulnerabilities and improve VPN reliability.
• Disable WAN administration of the EdgeRouter GUI if you don’t need it. access should be limited to trusted networks or require a VPN to reach the admin interface.
• Enable two-factor authentication where possible for VPN accounts, if your setup supports it.
• Monitor VPN logs and set up alerting for unusual sign-in attempts or rate-limiting to mitigate brute-force attacks.
• Consider split-tunneling vs. full-tunnel carefully: full-tunnel routes all traffic through VPN higher privacy, potentially slower, while split-tunnel sends only chosen traffic through VPN better performance but less comprehensive privacy.
• Regularly back up your configuration and document changes so you can restore quickly if a misconfiguration occurs.

Performance and maintenance tips

• Choose the right VPN type for your hardware: OpenVPN is flexible but can be heavier. IPsec IKEv2/L2TP often provides better performance on EdgeRouter X.
• Keep the EdgeRouter X firmware current: VPN reliability and performance improve with updates.
• If you’re hitting throughput limits, consider adjusting MTU/MRU settings to reduce fragmentation and improve stability.
• Use DNS settings that minimize leaks and improve reliability, such as a deterministic DNS or DNS over TLS where possible.
• Schedule periodic reboots or maintenance windows to keep memory caches clean and performance stable, especially on home networks with many devices.
• Document and version-control your EdgeRouter X configuration, so you can rollback if something breaks after an update.

Common pitfalls and troubleshooting tips

• Port forwarding conflicts: If you’re behind another gateway, ensure the necessary OpenVPN/IPsec ports are forwarded correctly.
• NAT rules misconfiguration: Ensure VPN clients’ traffic is properly translated to the Internet, but LAN traffic to VPN clients is allowed when needed.
• DNS leaks: Ensure VPN clients use the VPN’s DNS servers or internal DNS to prevent leaking queries through the client’s ISP DNS.
• Certificate or PSK issues: If using certificates, ensure the CA and client certs are correctly installed. for PSKs, make sure they match on both sides.
• Client configuration mismatches: Double-check server IP, port, protocol, and tunnel type on clients.
• Firmware quirks: Some EdgeOS versions handle VPN features slightly differently. check release notes if you upgrade.

Frequently Asked Questions

Can I run both OpenVPN and IPsec on EdgeRouter X at the same time?

Yes, you can typically run multiple VPN services on EdgeRouter OS, but you’ll want to manage their firewall rules carefully to avoid conflicts and ensure adequate hardware resources.

Which VPN is best for a small home network?

If you want broad device compatibility and ease of use, OpenVPN is a solid choice for remote access. If you’re focusing on performance and site-to-site connectivity, IPsec IKEv2/L2TP is often more efficient. Is edge vpn safe: a comprehensive guide to edge VPN safety, security, privacy, and performance 2026

Do I need a static IP address to set up a VPN on EdgeRouter X?

A static IP makes remote access simpler because you don’t have to deal with dynamic DNS updates. If you don’t have a static IP, use a dynamic DNS service so you can reach your network reliably.

Does EdgeRouter X support VPN passthrough?

Yes, EdgeRouter X supports VPN traffic passthrough. You still need to configure the appropriate firewall rules and NAT settings for your VPN.

How do I test a VPN connection on Windows or macOS?

Create a VPN profile on your device OpenVPN or IPsec, depending on your EdgeRouter X setup, connect, and verify access to LAN resources, Internet access through the VPN, and DNS resolution within the VPN.

Can I connect multiple clients to the same OpenVPN server on EdgeRouter X?

Yes. You can create multiple user accounts and provide each user with a unique .ovpn client profile for OpenVPN remote access.

How do I secure my EdgeRouter X’s VPN if I’m using it at home?

Use strong credentials, enable TLS-auth where possible, restrict admin access to the WAN side, keep firmware updated, and monitor VPN logs for unusual activity. Microsoft edge secure network vpn review 2026

What is split tunneling, and should I use it?

Split tunneling lets some traffic go through the VPN and some go directly to the Internet. It’s useful for performance and accessing local devices, but it reduces the privacy benefits of a full-tunnel VPN.

How often should I rotate VPN keys or credentials?

Rotating keys every 6–12 months is a good practice, or sooner if you suspect a credential compromise or a breach in a service used for VPN authentication.

Can I use dynamic DNS with EdgeRouter X for VPN access?

Yes. Dynamic DNS services map a changing public IP to a stable hostname, making it easier to connect remotely when your public IP changes.

Vpn无法使用全方位排错指南：原因、修复步骤与防护策略

Microsoft edge secure network vpn reddit 2026