I am toying with the idea of using one of my Tailscale instances as traditional VPN, using the exit node features. I think I have that part down to a note as far as what has to be done in order for this to happen.
My question is if there are any security risks or security provisions that need to be made to keep the envelope secure. I am the only user of my Tailscale network, so I don’t have to worry about another user jacking things up. However, I am concerned about the implications of the visibility of the exit node I would be connecting to.
They’re good questions. I wasn’t being rhetorical 🤣
It’s hard to know exactly where your concern about visibility lies, hence my question 😉
Nah, it’s good. I do have a knack for asking silly, basic questions. I certainly don’t have the networking prowess and certifications that some of the group here has, and I just want to be cautious, perhaps overly cautious when implementing what I have proposed. I know what an overlay vpn does, and I know what a traditional vpn like say, PIA, does. I just want to proceed with caution because the end use has serious implications if improperly deployed. At the very least I want to make myself confidant that I have covered all bases.
Well if it demystifies Tailscale a bit, just think of it like a traditional VPN with specific controls over the traffic flow. It’s e2e encrypted between every node, and you control the exit node. You’re use-case would work just like OpenVON, for example, where your client traffic exits where you decide (your VPS).
If you really want a deeper understanding, have a looke at Headscale and maybe set it up on your VPS. You use your same Tailscale client, and just register it with the Headscale instance on your VPS. Just setting it up will give you a tutorial on how Tailscale works in general. You can ping me with questions, or the Discord is really active and responsive.