How Tailscale Makes Managing Wireguard Easy

How Tailscale Works
tailscale.com/blog/how-tailscale-works/
How NAT traversal works
tailscale.com/blog/how-nat-traversal-works/
Tailscale VS Zerotier
czcams.com/video/lAhD2JDVG08/video.html
How To Build Your Own Wireguard VPN Server in The Cloud
czcams.com/video/7yC-gJtl9mQ/video.html
Nebula Review
czcams.com/video/94KYUhUI1G0/video.html
ZeroTier Review
czcams.com/video/Bl_Vau8wtgc/video.html
Getting Started With The Open Source & Free Diagram tool Diagrams.NET
czcams.com/video/P3ieXjI7ZSk/video.html
Headscale:An open source, self-hosted implementation of the Tailscale coordination server.
github.com/juanfont/headscale
⏱ Timestamps ⏱
00:00 Tailscale Review
01:49 How Tailscale Works
04:52 Tailscale Pricing
05:25 Identity Management
06:34 Supported Clients
07:21 Dashboard
10:00 Tailscale Lab Test
20:15 Final Thoughts and Security

I signed up for the personal pro plan after watching your videos. $48 a year for 100 clients is cheap enough that I'm not going to bother rolling my own. The best part of it is how easy it handles DNS. I have a pihole VM running and you can install tailscale on it and set it as the nameserver for all the tailscale clients. Combine this with a subnet relay into my LAN and I can reach every device by name without worrying about split DNS.

Not all Heros wear capes, thanks again Lawrence Systems!

Thanks Tom, I have setup Zerotier and Tailscale for a customer who is behind an ISP Router that cannot be bridged so it is behind double NAT and this allows for remote users to connect to file server, thank you

Thanks for the demo sir! We started using these at our office to manage our backup solutions across our various clients and wanted to learn a bit more how it operates.

I switched to zerotier from hamachi a while back because it was easier, better supported, and had a much friendlier speed cap. Now i mostly use a manual wireguard server but this still looks very interesting.

Thanks for making a video on this!

Awesome video! Thanks

Awesome tutorial. I used your guide to setup pfSense a while back and it worked without a hitch.
I'm planning on setting up a Terminal Server for a club a school and was wondering on the best solution for setting up VPN for just access to that server and nothing else on the network. And that terminal server shouldn't have access to other network interfaces and so on.
Will Tailscale help with this or is there another guide that can help me go through with this?

Thank you for making the video, could you please look into doing a video on how to link Edge Routers using Tailscale. Thank you in advance.

That's some awesome t-shirt, sir!!

Never heard of Tailscale before but did try zerotier after your video... Setting up Tailscale is a breeze.. Seems to work great.. I cannot get it over 30mb/s either btw... maybe that is a hard cap on their end??
Thanks a lot for bringing this sollution to my attention!! :)

Hey Tom, thanks again for awesome tutorial, please do an updated complete version of WireGuard when you get a chance sir,
Regards Shane from Trinidad 🇹🇹

Interesting. Just thinking through this solution and of course risk appetite. With the dynamic ability of it to traverse the trusted network we could potentially have risk if a threat actor was able to manage the TS environment and a network / security admin was working to secure the network. Are there "kill switch" options? Referencing discussion around 12 minutes.

Does Tails eliminates the need for the user to be admin in the machine in order to run the client?

I fucking love tailscale

Do you think this is "safer / more secure" than hosting your own openvpn server (and keeping it up to date, using a PSK) to then RDP into boxes? I know there are some unknows in this question but ya thought I would ask anyway

This is really cool. Now I can LAN Party CS:GO with my friends sitting in a different city 😄. Free Account is more than enough to cover 10 System 😋

yo lawrence, can you mention in a video how you can figure PF sense to automatically kill the state? when I modify my firewall rules to block traffic I want my states to be updated so that traffic stops immediately! I was able to achieve this by using squid proxy and manually disabling the service, but I would do it in an automated fashion. as you know lawrence, squid proxy introduces a host of new problems. please please share this in one of your videos I need to figure out the secret recipe

Hi Lawrence, thanx for this video, i'm wondering, if you have some info on open source SDWAN project ?

I am a little late to this party, but two questions:
1. Did you find out why your speed over tailscale was so slow?
2. how to say this:
- Can we make it so that each node can only connect to a define list of nodes ?
or - How can we create a list of servers, that every node can access, but not let the nodes access each other ???

How does tailscale compare with openVPN for a small number of servers?

Great demo for a business user, what about the average Joe who just wants VPN back to their home LAN through laptops, phones and tablets.

I think you should consider also uploading your content on LBRY

Is it self-hostable on a VPS or a droplet? No? If you can leave Wireguard behind, there's Nebula.

has teen scale essentially become the toolkit for bot networks? it's all open sourced, including the open source version of the server. what's to stop the software rebundled into a cloaking layer and repurposed as a private botnet? trouble on the horizon brothers! can Wiregaurd and or tail scale the sniffed on the network so it can be detected?

Are the slower speeds because it's a Free account ?

Is there an open source alternative?

“Oh I don’t know, check the documentation”, but you do RECOMMEND IT eh?

Looks like Tailscale kind of worldwide router 😂

Just small note - NAT is not a firewall! You mentioned this couple of times during the video.

this works good in China. like china to china ip address where port forwarding is impossible*.

What about Netmaker?

There was a video that you mention closing your business and go for CZcams only. Please don’t do that. What makes this channel one of the unique ones is you being in the actual battle field. Your thoughts matter because you are not just a random guy who is reading some tutorial and showing those on VM environment. Continue you business please. And if you quit who is going to insult the networks. :)