This morning I played around with the free (and open source) Tailscale VPN system. I have to say I'm impressed. Tailscale is a company that offers a VPN system (but they are not a VPN provider like NordVPN etc) that is peer to peer and based on wireguard. Works with iOS, Android, Linux, Windows, and macOS. No actual VPN traffic goes through Tailscale's servers. Their server exists solely to perform NAT traversal and to do public key distribution and management, route advertising, DNS, etc. I'm super impressed with the ease of setup and use. Keys are all created behind the scenes and you never really need to deal with them, other than to revoke a public key on the Tailscale admin web site. Registering a node (or renewing a node's keys after 180 days) does not involve any usernames and passwords. Instead the tailscale daemon generates a URL that you use to register it on a browser with your Tailscale account and place the node on your net. That's about it. I've played around with routing and that works quite nicely. Can also do exit node routing, which makes a node on your network be a gateway to the internet for your other nodes.
I've run my own OpenVPN network for many years and while I plan to continue to do so (for a number of reasons not doing my own wireguard for now), Tailscale has its place. Another option is Nebula, but Tailscale has the advantage of being based on wireguard which is getting a lot of love and attention. The downside to tailscale is the proprietary web administration system. The personal account is free and somewhat limited. But if I was a small business, I'd consider buying into their service. I haven't yet seen anything quite so easy to use and transparent (MagicDNS is pretty powerful). /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
