So I’m just being introduced to the concept of using a VPN or something like Tailscale to access one’s services, instead of opening the services directly to the web, but I’m thinking for streaming purposes or just accessing your services on the run, isn’t it an annoyance having to connect to your home network all the time? Or do you keep the VPN running on your phone for example? What if you use a VPN provider for privacy purposes, wouldn’t one need to then switch VPN connection?
> isn’t it an annoyance having to connect to your home network all the time?
It’s less annoying than the gnawing fear that my network might be an easy target for attackers.
I can’t use VPN on my work PC so I have some services open on subdomains that aren’t in my DNS. Follow some basic rules and it’s fine. My phone is always connected to my WireGuard running on OPNsense. It’s simple, fully self-hosted and works great.
Sucks a high hard one if you plan for others to use your services too. If it’s just you it’s not that annoying.
I think the part you’re missing (and others haven’t addressed) is that you don’t send 100% of your traffic to one endpoint (much like how most use VPNs). You can route different things to different places.
For example, I’m in the US and have two Tailscale exit nodes. Both are located on VPS machines in the US, but one sends traffic down a double-hop VPN back out into the US, the other does the same but to Switzerland. My “default” route is through Switzerland (better privacy laws) but I am forced to route some things through the US exit node due to websites that won’t work outside the US. For my personal devices, traffic routes directly to them via WireGuard tunnels.
In addition, my wife doesn’t care about blocking everything that I do (social media, tracking) but her phone still needs to update sensors in Home Assistant. She can choose not to use the exit nodes but can still communicate with our nodes on Tailscale. She also uses it to print documents at home from her laptop while she’s at work.
Recently I was waiting in a hospital with public (unsafe) WiFi that blocked UDP traffic, but Tailscale does some magic that will relay traffic via TLS. I was able to access services at home with a 20ms latency. The tech is very, very nice to have.
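The split routing described in the comment above can be sketched as a longest-prefix route lookup. This is an added example, not part of the thread and not Tailscale's own code; the home LAN range, the hop names and the sample destination addresses are constructed assumptions, while 100.64.0.0/10 is the address range Tailscale assigns to tailnet devices.

```python
import ipaddress

# Constructed route entries; hop names are illustrative labels only.
LOCAL = "local network (no VPN)"
TAILNET = ("100.64.0.0/10", "tailnet peer (direct WireGuard tunnel)")
HOME_LAN = ("192.168.1.0/24", "home subnet router")  # assumed home LAN range


def build_routes(exit_node=None):
    """Route table for one device, with or without an exit node selected."""
    default_hop = f"exit node {exit_node}" if exit_node else LOCAL
    return [TAILNET, HOME_LAN, ("0.0.0.0/0", default_hop)]


def next_hop(routes, destination):
    """Longest-prefix match: the most specific route containing the address wins."""
    addr = ipaddress.ip_address(destination)
    matches = [
        (ipaddress.ip_network(prefix), hop)
        for prefix, hop in routes
        if addr in ipaddress.ip_network(prefix)
    ]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def unprotected(routes, destinations):
    """Destinations whose traffic would leave over the local, untunnelled network."""
    return [d for d in destinations if next_hop(routes, d) == LOCAL]


if __name__ == "__main__":
    # Constructed sample destinations: a tailnet peer, a home printer, a public site.
    sample = ["100.101.102.103", "192.168.1.20", "203.0.113.10"]
    for label, routes in (("exit node on", build_routes("ch")),
                          ("exit node off", build_routes())):
        print(label)
        for dest in sample:
            print(f"  {dest:16} -> {next_hop(routes, dest)}")
        print("  untunnelled:", unprotected(routes, sample))
```

With the exit node off, tailnet and home destinations still go through the tunnel and only general internet traffic uses the local network, which is the case described for the phone that skips the exit nodes.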
🤔
> How annoying is it to connect to VPN/use Tailscale
I think it’s very important to separate a random “VPN” solution from using Tailscale.
> instead of being able to access the service directly?
Focusing on Tailscale. Who turns off Tailscale? It is “directly” connecting to your service or app or whatever. That’s the whole point.
Probably just me that’s confused. I thought Tailscale was similar to WireGuard but much easier to set up. So one connects to the services directly, and not just the general home network (like a VPN) where you then enter whatever address you need to access the service?
It can be just like you’ve said. You can also run Tailscale directly on the system hosting a service and access it directly over the Tailscale network.
I’m using Tailscale and have all my devices connected through it. I’m not exposing any services in particular, it’s just handy to be able to SSH around. It’s always on and I did not notice huge power loss on my phone.
Use Tailscale, for the most part it’s pretty transparent. As long as all the MagicDNS stuff is set up correctly, I can access all my internal services by name and it just works.