Tailscale is pretty awesome
-
I am curious for the Netgate staff to jump in but i am so completely impressed by Tailscale. I have spent the last few weeks combing through the documentation. I have put in tags, a semi-hierarchical access control list and now toying around with the posture feature to further lock down VPN access. If you are not utilizing tags when rolling this out then I don't know what you are doing (of course exceptions).
PFsense acting as a subnet router/exit node is just (chefs kiss). I have a pfsense in AWS sitting in front of a VPC. Turn that bad boy into a subnet router; now your tailnet can securely access the VPC. The exit node feature is even more slick. Just spin up a low-power VM anywhere, join it to your tailnet, turn it into an exit node and now you can have as many exit points in your tailnet as you like all distributed around the world. Your very own VPN (forget privacy VPNs).
I can go on....hahaFor the netgate folks, are you guys utilizing tailscale for remote access? If so how are you utilizing it? Just curious
For other people, have you used tailscale beyond the basic access control it offers? Using tags? -
@michmoor said in Tailscale is pretty awesome:
For other people, have you used tailscale beyond the basic access control it offers? Using tags?
I use TS for remote access to my entire network (NAS, SMB/SSH access, security system, cameras, lighting control, streaming OTA tuner, etc.)
I use TS ACLs to allow guest remote access to my streaming OTA tuner.