We all know that Dad is the IT infrastructure manager at home, so when it became clear that we needed a VPN for everyone to enjoy that infrastructure (aka access to streaming services) on their phones and laptops when they were away- it became Dad's job to make it happen.

Before we get into what Tailscale is or how it compares to a traditional remote access VPN, let’s take a quick look at Tailscale in action. The main problem Tailscale solves is remote access to your internal workloads.

In my homelab, I have a server running Linux. When I’m on my home network, I can access it directly without any issues. But if I step outside and want to access the same server over the Internet, Tailscale makes that much easier and you can have it up and running in about 10 minutes for free.

The main difference between Tailscale and WireGuard is that WireGuard is a self-hosted VPN server, while Tailscale adds user authentication and device management to the WireGuard VPN Protocol. Tailscale also relies on cloud servers for authentication and connection, while WireGuard is fully self-hosted and only relies on your private server.

Before looking at Tailscale vs. WireGuard more in-depth below, I want to explain exactly what they both are and how they function.

What is Tailscale?
Tailscale is a VPN service that utilizes the WireGuard Protocol. Tailscale allows you to easily create a VPN tunnel with absolutely no port forwarding. For users who have a CGNAT or simply do not feel comfortable port forwarding, Tailscale is one of the easiest ways to configure a VPN tunnel.

It’s also important to know that while Tailscale utilizes the WireGuard Protocol, it does not function the same way that WireGuard does. While they utilize the exact same point-to-point encryption, using Tailscale requires the Tailscale network to be accessible.

Tailscale is a zero-configuration VPN solution that uses WireGuard, an open-source VPN protocol. It focuses on providing an easy-to-use and configure management interface for the WireGuard protocol.

Tailscale is different than WireGuard in many ways, but it’s a better comparison to ZeroTier than WireGuard due to the way that it’s set up and configured, as well as its functionality. //

ZeroTier is a software-defined networking application that allows devices to be connected over a global network with minimal setup and configuration. It’s designed to function similarly to a local area network (LAN) environment, making it seem like all devices are connected to the same network even if they are physically located in different parts of the world.

Hi All,
I want to set up WireGuard VPN for remote work with 2 MikroTik routers: “home router” and “travel router”. Could you review my hardware and and config?

Requirements:

• “Home router” is connected to the internet in my home
• “Travel router” will be traveling with me.
• It should be possible to connect a “travel router” to any available internet - phone tethering (most often), another router, WIFI
• Traffic from any devices connected to the "travel router" should be visible as traffic from my “home router”.
• “Home router” will be connected to the router with dynamic public IP

An open source, self-hosted implementation of the Tailscale control server.

What is Tailscale
Tailscale is a modern VPN built on top of Wireguard. It works like an overlay network between the computers of your networks - using NAT traversal.

Everything in Tailscale is Open Source, except the GUI clients for proprietary OS (Windows and macOS/iOS), and the control server.

The control server works as an exchange point of Wireguard public keys for the nodes in the Tailscale network. It assigns the IP addresses of the clients, creates the boundaries between each user, enables sharing machines between users, and exposes the advertised routes of your nodes.

A Tailscale network (tailnet) is private network which Tailscale assigns to a user in terms of private users or an organisation.

Design goal
Headscale aims to implement a self-hosted, open source alternative to the Tailscale control server. Headscale's goal is to provide self-hosters and hobbyists with an open-source server they can use for their projects and labs. It implements a narrow scope, a single Tailscale network (tailnet), suitable for a personal use, or a small open-source organisation.

WireGuard is an open-source modern VPN (Virtual Private Network) solution that utilizes cryptography protocols to create secure network connections between devices. It's efficient and offers improved reliability than traditional VPN protocols like IPSec. This guide explains how to install WireGuard VPN on a FreeBSD 14.0 and securely configure network tunnels on the server.

But if you happen to have a cloud-based Linux server running anyway, building a WireGuard VPN can be a simple and free way to add some serious, compromise-free security and privacy to your life.

If you plan to limit the VPN to just devices owned by you and a few friends, you'll probably never even notice any extra resource load on your server. Even if you had to fire up and pay for a dedicated AWS EC2 t2.micro reserved instance, the annual costs should still come out significantly cheaper than most commercial VPNs. And, as a bonus, you'll get complete control over your data.

Right now I'm going to show you how all that would work using the open source WireGuard software on an Ubuntu Linux server.

Why WireGuard? Because it's really easy to use, is designed to be particularly attack resistant, and it's so good at what it does that it was recently incorporated into the Linux kernel itself.

The actual work to make this happen really will take only five minutes - or less. Having said that, planning things out, troubleshooting for unexpected problems and, if necessary, launching a new server might add significant time to the project.

Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. It enables encrypted point-to-point connections using the open source WireGuard protocol, which means only devices on your private network can communicate with each other.

The Benefits
Building on top of a secure network fabric, Tailscale offers speed, stability, and simplicity over traditional VPNs.

Tailscale is fast and reliable. Unlike traditional VPNs, which tunnel all network traffic through a central gateway server, Tailscale creates a peer-to-peer mesh network (called a tailnet):