Unless you have to connect remotely to another network, NO! Unless you are a TV, Movie, Show addict and gotta waste your time that way. Privacy you said? Define what privacy is that and what for.
Meanwhile I have 3 macbook pros from my employer and 2 clients that all require a thier own VPN and own hardware to get to anything, ssh, email, Salesforce, Jira, confluence etc. A huge pain to transfer logs or commands from a customer on one VPN to ticket system on another.
Tom, can you please do a video showing how one could use Tailscale to give you a secure VPN connection back to your home network instead of using a pay service or having to struggle with a self hosted VPN and network restrictions.
I have two VPN's. I have one external paid VPN and I host one myself. I am locked behind NAT at my ISP and use paid VPN for port forwarding. I have one port forwarded that I use to connect to my self hosted VPN, that I use to access my home LAN when I am not at home. I don't have the option to get a static IP from my VPN, so this is my only solution to the NAT problem. But not sure that I would even want a static IP anyway, as I am sure that both my ISP and VPN provider has a lot more understanding when it comes to network security than I have. So I don't feel the need to have a direct IP to my router and why I only allow a single VPN port through the paid VPN service. This solution works flawlessly. So: Internet -> Paid VPN -> Private VPN -> LAN But you need to have some faith in your VPN provider for this setup, at least as much trust as you have in your ISP (but more would be better).
@@GeorgeG472 Hi. Not at all, been running this setup for the past year and a half. It has been solid. I am running a linux server on a Raspberry Pi 4 with a few LXD Containers. Two of them are being used for VPN. One is connected to my external VPN and the other is running my private VPN. When I connect from outside, it goes through my external VPN to one LXD container which routes the port to my other container which in turn grants me access to my network. You can also run the external VPN on the main server instance rather than a container, if you want all network from that server to go though the VPN. But running both the external and private VPN on the same instance is a bit more complex and I never got that working. But that was before I started playing with LXD and I actually like that sandboxed setup more.
Seriously Tom - this video shows the core of you - in a positive way. Thank you for this!
Nice new background Jay 👍
thanks for the insights. interesting podcast for sure this week
Unless you have to connect remotely to another network, NO!
Unless you are a TV, Movie, Show addict and gotta waste your time that way.
Privacy you said? Define what privacy is that and what for.
Meanwhile I have 3 macbook pros from my employer and 2 clients that all require a thier own VPN and own hardware to get to anything, ssh, email, Salesforce, Jira, confluence etc. A huge pain to transfer logs or commands from a customer on one VPN to ticket system on another.
Never thought about the security risk of downloading 3rd party vpn software. Good thing to keep in mind!
Tom, can you please do a video showing how one could use Tailscale to give you a secure VPN connection back to your home network instead of using a pay service or having to struggle with a self hosted VPN and network restrictions.
Moving to ZT in Prod with RO7. New territorium! Going to be fun.
I have two VPN's. I have one external paid VPN and I host one myself. I am locked behind NAT at my ISP and use paid VPN for port forwarding. I have one port forwarded that I use to connect to my self hosted VPN, that I use to access my home LAN when I am not at home. I don't have the option to get a static IP from my VPN, so this is my only solution to the NAT problem. But not sure that I would even want a static IP anyway, as I am sure that both my ISP and VPN provider has a lot more understanding when it comes to network security than I have. So I don't feel the need to have a direct IP to my router and why I only allow a single VPN port through the paid VPN service. This solution works flawlessly.
So:
Internet -> Paid VPN -> Private VPN -> LAN
But you need to have some faith in your VPN provider for this setup, at least as much trust as you have in your ISP (but more would be better).
HAve you had any issues with this setup so far? I was looking to do something similar over ZeroTier since I'm locked behind my ISP router too.
@@GeorgeG472 Hi. Not at all, been running this setup for the past year and a half. It has been solid.
I am running a linux server on a Raspberry Pi 4 with a few LXD Containers. Two of them are being used for VPN. One is connected to my external VPN and the other is running my private VPN. When I connect from outside, it goes through my external VPN to one LXD container which routes the port to my other container which in turn grants me access to my network. You can also run the external VPN on the main server instance rather than a container, if you want all network from that server to go though the VPN. But running both the external and private VPN on the same instance is a bit more complex and I never got that working. But that was before I started playing with LXD and I actually like that sandboxed setup more.
Aws / Linode + Open VPN server.
What do you think of Synology Quick connect for access to Synology resources when out?
It works well, but I still prefer a VPN.