Re: UPNP is convenient.
For those that don't know (a minority here), VPN = Virtual Private Network. Properly done it adds and extra "network port" on your PC/Tablet/phone which is actually the VPN client software. It's creating an encrypted connection into your VPN server. It then can expose everything on you LAN as if you are on the LAN, or just stuff on the VPN Server, and/or the Internet as seen by your home LAN. So stuff on the internet that's blocked (due to local router / NAT rules of a University OR because you are in America and your home Router is in UK) is then visible via the home internet connection. So you can use VPN for four reasons:
1) Access stuff like POP/SMTP on your own ISP's mail server as if at home, securely in a WiFi cafe, possibly avoiding MiM attacks.
2) Access files or whatever on the VPN server, securely.
3) Access random device on your LAN as if you are on the LAN
4) Bypass geoblock or local port blocks.
If properly set up:
1) You need user/pass that is very secure to connect at all.
2) The data is all securely encrypted, possibly even good enough to block hypothetical quantum computers cracking.
The keys are made at home, and loaded on the device at home* so the classic problem of key distribution is solved.
[*You can write it on rice paper and eat it]