Comment

Comment on Friendly reminder that Tailscale is VC-funded and driving towards IPO

<- View Parent

MangoPenguin@piefed.social ⁨1⁩ ⁨month⁩ ago

Wireguard.

Many various ways to manage it, and it's built in to most routers already.

source

Sort:hotnew top

Vanilla_PuddinFudge@infosec.pub ⁨1⁩ ⁨month⁩ ago
Pivpn is really easy, and since pivpn is just scripts, it always installs current wireguard even if they lax on updating pivpn that often.

source
nfreak@lemmy.ml ⁨1⁩ ⁨month⁩ ago
I decided to experiment a bit with Headscale when the wg-easy v15 update broke my chained VPN setup. Got it all set up with Headplane for a UI, worked amazingly, until I learned I was supposed to set it all up on a VPS instead and couldn’t actually access it if I wasn’t initially on my home network, oops.

I might play around with it again down the road with a cheap VPS, didn’t take long to get it going, but realistically my setup’s access is 95% me and 5% my wife so Wireguard works fine (reverted back to wg-easy v14 until v15 allows disabling ipv6 though, since that seemed to be what was causing the issues I’ve been seeing).

source
- MangoPenguin@piefed.social ⁨1⁩ ⁨month⁩ ago
  Why does it need to be on a VPS? It seems to work on a home network when I played around with it.
  
  source
  - nfreak@lemmy.ml ⁨1⁩ ⁨month⁩ ago
    Well a VPS or an exposed service, but I feel like the latter ends up somewhat defeating the purpose anyway.
    
    When running locally (not exposed), it worked great until I tried to make the initial connection from mobile data - can’t establish a connection to headscale if it can’t reach it in the first place. Unless I’m mistaken, the headscale service needs to be publicly accessible in some way.
    
    source
    MangoPenguin@piefed.social ⁨1⁩ ⁨month⁩ ago
    Oh gotcha yes it does. Are you on CGNAT with your ISP so you can't forward ports?
    
    source
    -> View More Comments