Don’t do this as it defeats the point of Tailscale
Comment on Alternative to NordVPN Meshnet?
undefined@lemmy.hogru.ch 1 month ago
I’m not familiar with NordVPN Meshnet but I wanted to chime in that you can use Tailscale with a VPN, but you’ll have to do some routing work between the Tailscale network interface and the VPN one. I do this on a VPS.
possiblylinux127@lemmy.zip 1 month ago
undefined@lemmy.hogru.ch 1 month ago
Not really. I use the exit node to forward my “default” traffic through the VPN but I still use tunnels between my end devices too. My wife uses it to print documents from work and hell, I even shut off a lot of services on my LAN and made them Tailscale-only just as a way to force encryption (unnecessarily).
possiblylinux127@lemmy.zip 1 month ago
The problem is that it likely will break NAT traversal which means no direct connections.
Tailscale already has VPN integrations. I would recommend that you use that instead.
undefined@lemmy.hogru.ch 1 month ago
Tailscale only supports Mullvad VPN and when you do use it you’re stuck with its DNS server. It’s a super basic option and doesn’t allow for much customization.
dan@upvote.au 1 month ago
This is a decent idea. You can configure the VPS to be an exit node on the Tailnet, and configure the clients to use it as their exit node. Then you’d just need to configure some nftables rules to masquerade (source NAT) to the VPN network interface.
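The exit-node-plus-VPN setup described here, as an added example that is not dan's or Tailscale's own code: it assumes `tailscale0` is the Tailscale interface and `wg0` (an assumed name) is the commercial VPN's WireGuard interface on the VPS. Forwarded tailnet traffic is masqueraded onto the VPN interface, and any forwarding from `tailscale0` that is not bound for the VPN is dropped so a VPN outage does not leak exit-node traffic out of the VPS's public interface.

```shell
#!/bin/sh
# Added example, not from the thread. Interface names are assumptions.
TS_IF="${TS_IF:-tailscale0}"   # Tailscale's interface
VPN_IF="${VPN_IF:-wg0}"        # assumed name of the VPN's WireGuard interface

# Print an nftables ruleset that:
#  - source-NATs (masquerades) tailnet traffic leaving via the VPN interface,
#  - allows replies back, and
#  - drops any other forwarding from tailscale0 (no leak via the public NIC).
# The Tailscale client's own rules live in its own tables and are untouched.
exit_node_ruleset() {
    ts_if="$1"
    vpn_if="$2"
    cat <<EOF
table inet ts_exit {
    chain forward {
        type filter hook forward priority filter; policy accept;
        ct state established,related accept
        iifname "$ts_if" oifname "$vpn_if" accept
        iifname "$ts_if" drop
    }
}
table ip ts_exit_nat {
    chain postrouting {
        type nat hook postrouting priority srcnat; policy accept;
        iifname "$ts_if" oifname "$vpn_if" masquerade
    }
}
EOF
}

# Apply on the VPS (run as root): enable IPv4 forwarding, load the ruleset,
# then advertise this machine as an exit node on the tailnet.
# Note: the VPN's own routes must not capture Tailscale's WireGuard traffic,
# or peers lose direct connections (the NAT traversal concern raised above).
apply_exit_node() {
    sysctl -w net.ipv4.ip_forward=1
    exit_node_ruleset "$TS_IF" "$VPN_IF" | nft -f -
    tailscale up --advertise-exit-node
}

if [ "${1:-}" = "apply" ]; then
    apply_exit_node
fi
```

Run with `apply` on the VPS after the VPN tunnel is up; clients then pick the VPS as their exit node in the Tailscale client.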
undefined@lemmy.hogru.ch 1 month ago
I do some pretty crazy stuff honestly because I’m really into privacy. Since I’m stuck using a VPS I usually put it in the same country that I’m currently in so that for my end devices it appears I’m just accessing some corporate VPN.
On the VPN I actually have two in-country double hop VPN tunnels. I then have two more double hop VPN tunnels that first go into some random country, then finally to Switzerland (because I love their privacy laws). Those two tunnels are set as two equal cost multipath hops for my Tailscale clients, then they get stuffed into the first set of in-country tunnels.
I inject random delays to protect against timing attacks too, and on top of all that I run Blocky with an insane amount of blocklists, and that traffic is also spread between all the tunnels over DoT.
It’s a lot of overkill but I absolutely love having no ads, strong data protection and a higher level of freedom of speech.