Comment on Using Fail2ban to protect exposed services
neatchee@piefed.social 13 hours agoSite-to-site and individual client setups are not mutually exclusive. They can co-exist.
I have Wireguard on both my phone and laptop - and tailscale should work the same way - which I only activate when I’m away from my home network.
You could even set it up where each “roaming” device is always connected to their “home” network by VPN, which uses site-to-site to further route the traffic where it needs to go.
paequ2@lemmy.today 12 hours ago
Ah, right. Well, currently I do have my wife’s and my phone on the Tailscale VPN. The issue I’m trying to solve is that the VPN app on Android isn’t 100% bug-free. For some unknown reason, my wife frequently has issues with Tailscale. It’ll break her entire networking on her phone. The only way to fix it is by rebooting her phone. I have no idea why because we have the same phone and the same settings… I’ve tried turning off Tailscale, logging out, and back in, and the network won’t recover. Sometimes the Tailscale app won’t even trigger the SSO page to sign in. So it just stays permanently logged off.
The Nvidia Shield also has similar issues where I have to fuss around with the VPN.
So at this point, I feel like I’m done debugging VPN apps and maybe it would be easier for users if I expose stuff to the public internet. Obviously, it makes management for me harder, but that’s ok if everything Just Works for everyone without extra steps or without having to reboot your phone every week.