A Free Private VPN: Tailscale
An overview of how to setup a free personal VPN
- Introduction
- What is Tailscale?
- In the context of Personal Cloud
- How to Set it Up?
- Why Tailscale?
- Is it truly a VPN?
Introduction
Ever since I started my new hobby of home labbing, a VPN has been essential for accessing my services outside of my home network. I mainly use it when my services aren’t hosted directly on my Synology NAS. While Synology does offer a relay service that eliminates the need for a VPN, though I still use both for convenience. A VPN ensures that my servers are only accessible within my private network, rather than being exposed globally through a relay server.
Outside my Synology, I run my PC with WOL (Wake-on-LAN) enabled so that I can remotely use it whenever I need and want to.
What is Tailscale?
Tailscale is essentially a self-hosted VPN, where each private network is called a Tailnet. Within a Tailnet, devices can communicate directly with each other. Additionally, Tailscale offers a feature called subnet routing, which allows devices to access the broader subnet of any connected machine. This means that even devices without Tailscale installed can be discovered and reached, as long as subnet routing is enabled. In this sense, Tailscale can function in both an agent-based (Tailscale installed) and agentless (via subnet routing) manner.
Additionally, Tailscale is based on Wireguard. While Tailscale is not a fully self-hosted setup, the software it’s based on, can be set up to be a fully self-hosted service.
In the context of Personal Cloud
Recently, I set up my own personal cloud gaming setup, which lets me use my PC and play games from anywhere. However, with IPv4 addresses running out, many ISPs now place consumers behind CGNAT, making port forwarding accessible to only a limited number of people. In the past, I used port forwarding for servers like Plex and Minecraft, but being behind CGNAT has taken away that flexibility. Thankfully, with Tailscale, I’ve been able to regain much of that freedom—without any extra cost.
In addition, it was as easy as just having the app installed on both devices with no extra configuration needed.
How to Set it Up?
Tailscale is essentially a self-hosted VPN, where each private network is called a Tailnet. Within a Tailnet, devices can communicate directly with each other. Additionally, Tailscale offers a feature called subnet routing, which allows devices to access the broader subnet of any connected machine. This means that even devices without Tailscale installed can be discovered and reached, as long as subnet routing is enabled. In this sense, Tailscale can function in both an agent-based (Tailscale installed) and agentless (via subnet routing) manner.
Why Tailscale?
I chose Tailscale as it is a free service and requires no prior setup. Moreover, as a newbie in the world of self-hosting, Tailscale is one of the solutions that have plenty of resources for. In addition to that, it is availble on different platforms from Windows, to iOS and Android.
Is it truly a VPN?
Tailscale is a VPN on its own, but it works differently from traditional VPNs. When paired with a dedicated VPN service like Mullvad—which Tailscale supports natively through a subscription—it can function as a complete VPN solution.
