trying to figure our if there is any reason to use Tallscale on my network
paid proton user, about 90% of my devices/services work with the vpn enabled on my Asus Router, but sometimes an app or 2 wont connect if proton is enabled on them, like Hulu or Channels DVR or a random financial app
I have read many posts raving about how perfectly tallscale works with every app/connection, and was wondering if any paid Proton users ever tried or switched to Tallscale
Seems easy to setup, not sure if you can install it on a router, and would want to use it with the Wiregard Protocol, which is really fast for me
In a word, no. The fact you are even trying to compare the two indicates you unfortunately fell for marketing hype and don’t actually understand what a VPN is.
A VPN, at its core, is a way to connect multiple remote machines together in a way that they are all on the same virtual local (aka private) network. That’s it.
Tailscale is a way to achieve this basic core. It is useful to access your devices at home or in the office remotely, and set up ACLs between them to restrict who can access what.
Proton is a privacy VPN service. It uses VPN to connect your devices to their network, and then also makes use of routing so that your devices use their devices as intermediaries when accessing the internet.
Tailscale is not a privacy VPN service. It serves the more traditional definition of VPN, which is to allow for remote access to your own resources. It does have routing capabilities and you could make use of its exit node features to replicate a privacy VPN service but you would need to build out all of that infra yourself to do so (and depending on why you’re using Proton it could be fine or it could be a terrible idea).
I’m a former proton user, but you have to understand Tailscale is a bit different than your traditional VPN. You really should read the what is tailscale article.
Tailscale creates an overlay network for your devices to connect to one another securely as opposed to the traditional VPN model where you’re connecting a device to a VPN provider’s service to securely encrypt your connection through their exit nodes.
There are options to get it to perform more like a traditional VPN though.
You can setup an exit node with tailscale that will use your ISP connection to make it appear like you’re still at home which is akin to a traditional VPN service using your own home internet connection, or you can use mullvad exit nodes (for a fee) that will act more like Proton and encrypt data outbound through mullvad data centers.
so, if you dont have regular need to connect to your home network resources remotely regularly, then Tallscale wont do anything for device/internet “privacy”, the way that Proton does?
so, is there any real advantage in my case to using Tallscale versus paid proton?
like I said, its nice that proton is installed at the router level, so every device in the house is behind the VPN, but even after reading all sorts of articles about Tallscale, I am still not sure if its a better solution for me than the paid Protton I am using now
Correct, it does nothing for that. If you have no need to connect your devices remotely to each other then Tailscale is not a solution you need.
In truth, you probably don’t need privacy VPN services either. The main thing your ISP would be able to see without one is your DNS traffic, the vast majority of everything else is pretty much always encrypted already anyway thanks to HTTPS. Using such a service prevents your ISP from being able to see that unencrypted traffic (as a VPN by nature encrypts the traffic tunneled through it), but that means whatever service you choose (e.g. Proton) will be able to see that unencrypted traffic instead. Hopefully you trust them that they don’t log / manipulate / sell that data. However if you suspect your ISP is exploiting your unencrypted data in that fashion, then perhaps such a service is worthwhile.
There are legitimate uses for privacy VPN services, and plenty of illegitimate ones too. You can build out the basic feature of a privacy VPN service (encrypting all of your traffic from your ISP) by renting a virtual machine elsewhere (from public cloud or a hosting service) and then running Tailscale on it as an exit node. This is not anonymous; the exit node’s IP is tied to you by nature of the fact you need to supply billing information to rent said virtual machine, and Tailscale logs some data about who connects from where.
Not exactly true. Tailscale will encrypt your data and so when paired with a travel router it is a way to hide your internet traffic from the local network (hotel, etc.).
Yeah I’ve noticed issues with servers. I had it set at the firewall level and when the servers were not responsive, it was a shit show in my house. I removed it and just have it on my devices. When the internet stops working, the VPN is the first place I check.
Do you use a VPN at all now? I’m starting to think I’m better off just not using it and just stick with my pihole and unbound.
You can also change your DNS away from your ISPs default offering as well. You can often do this on your router, some routers also support DoH and DoT. Alternatively you can setup your web browser or OS across your devices instead.
There are free offerings from companies like Google and Cloudflare. Of course you’re then giving them your data. Companies like NextDNS are subscription based and so you’re their paying customer which is usually better.
All of these would be enough to cover most of your DNS privacy wants.
Just curious what this looks like-- do you have another site that you physically own or do you use something like Linode to host a server with the exit node?
