Trying to find a way to connect to my home server as well as my VPN at the same time. Doesn’t seem like tailscale can. I’ve started looking at pangolin, has anyone had any luck with this issue?
Thank you
Trying to find a way to connect to my home server as well as my VPN at the same time. Doesn’t seem like tailscale can. I’ve started looking at pangolin, has anyone had any luck with this issue?
Thank you
It’s a shame you can’t force an exit node to be used by the whole tailnet
Edit: Does hesdscale support exit nodes at all? You could for example run a VPN on a router and then use that device as an exit node. I suspect that would work if you can use normal exit nodes
You can use exit nodes, but at least in my case that would be really stupid of me to do. If you have a router connected to a VPN and you use that router as an exit node, all of your traffic is going from your mobile device to the VPN server to your router back to the VPN server to the destination host and any return traffic takes the same route in reverse, adding additional latency and limiting your bandwidth to the minimum of any link in either direction along the entire chain. You can potentially exclude the mobile to router Tailscale traffic from the VPN tunnel to skip a little bit of latency, but it probably doesn’t help much unless your VPN server is in a third location that is not along the path between your current location and your router. My slow upload speed would become a slow download speed, and when I travel long distances my latency to services at my destination would become half a second.
What I do is I have a travel router that I deploy where I’m staying, and that router has a site-to-site VPN with my home network. That way traffic doesn’t need to travel across continents to reach a server only 20ms away.
I also have a set of services that are exposed directly to the internet and I can reach those servers without Tailscale. I can live with being connected to a different VPN and not having the Tailscale-only services.
It may be possible to just use Wireguard. The main benefit of Tailscale instead of Wireguard is that two Tailscale nodes that are next to each other can connect directly without going through another server, and this is accomplished by continuously reconfiguring Wireguard. If you just want a private network VPN where you have a fixed route to your private network and a fixed route to a public internet VPN, you can do that without Tailscale. If you are traveling with a phone and a laptop, connections from the phone’s VPN IP to the laptop’s VPN IP will be slower as they route through your VPN server, but they will work.
Headscale does support exit nodes, I use it to get pihole filtering on my phone away from home.