Mullvad exit node question

Love using Tailscale as my main remote access VPN to my network devices, but I am intrigued by the Mullvad exit nodes and so I have a few questions.

  1. I already have an account number with Mullvad, can that be used to apply exit nodes to some of my connected devices? Or do I instead pay for this service separately?
  2. I’ve had Mullvad for a few months and I am happy with the service alone as a privacy measure and geo-unlocking, but I’ve seen some reviews saying that it doesn’t work as well when used through Tailscale. Is that still the case? What are some of your experiences?

Regarding point 1 - the Mullvad exit node is a paid add-on, so you need to go through Tailscale and pay them to enable it. This is the downside of this solution: Tailscale will know you, and so your privacy may be a little bit impacted.

On point 2, I’m overall happy: some services are blocked in my country, but you can easily set up an app connector with a custom domain if you have a spare old PC/NAS/Pi with Linux.

I find the DNS leaks outside the Mullvad exit node and comes straight from your device IP. I have a question on this somewhere on here but no answer.
So it’s not a privacy solution currently.

Edit:
https://www.reddit.com/r/Tailscale/comments/1c836xv/tailscale_mullvad_nextdns_question_dns_still

You can’t use 2 VPNs at the same time!!!

You can’t use exit node to jump into Mullvad endpoint!!!

Somehow you have to route exit node onto a Mullvad endpoint!!!

I use a VLAN which is routed to a Mullvad endpoint, I route exit node to that VLAN!!!

Did you read

DNS doesn’t go over the Mullvad tunnel. It goes to the DNS server you specify in the admin console. You could choose Mullvad there, to have both traffic and DNS go to Mullvad.

I think we share a similar configuration? I currently have a Mullvad endpoint configured in my OPNsense firewall using the selective routing guide in their documentation and a few VMs that use that endpoint for internet connection.

Those VMs are also on my tailnet, which also works just fine when I want to access them over the tailnet. That does work for my use case, so I suppose I may as well keep it this way! Thanks everyone

Late reply, but if I only want geo-unlocking on one or two devices, would it be fine to just have Mullvad as an add-on for Tailscale?

Any chance you’d be willing to go into more detail how you have this set up? I’ve been trying to figure it out for days and I feel like I’m bashing my head against a wall

Yes sir.

Enable, disable as you please on the device!!!

This is what works for me!!!

Router capable of having VLANs!!

Conventional VPN/config

Set up a VLAN to use said conventional VPN/config

Set up a low power device as an exit node

Take the IP address of said exit node and route to VLAN

Anytime you use that exit node your router will send the traffic to said VPN/config
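
As an added example that is not part of the thread: one way the steps in the last post could look on a Linux-based router, sending everything sourced from the exit node's LAN address out the router's VPN interface and dropping it if the tunnel is down. A Linux router with iproute2 is an assumption, and the address 192.168.50.10, interface name wg0 and table 100 are constructed placeholders.

```shell
#!/bin/sh
# Added example: source-based policy routing for a Tailscale exit node.
# All values below are constructed placeholders, not taken from the thread.
EXIT_NODE_IP="${EXIT_NODE_IP:-192.168.50.10}"  # LAN address of the exit node (assumed)
VPN_IF="${VPN_IF:-wg0}"                        # router's conventional VPN interface (assumed)
TABLE="${TABLE:-100}"                          # dedicated routing table number (assumed)

# Accept only a dotted-quad IPv4 address with octets 0-255, so nothing
# unexpected is ever interpolated into a command run as root.
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.|"") return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the commands that send all traffic originating from the exit node
# through the VPN interface. The higher-metric blackhole route takes over
# when the tunnel route disappears, so traffic is dropped instead of
# leaving through the normal WAN uplink.
build_rules() {
    ip_addr=$1; vpn_if=$2; table=$3
    valid_ipv4 "$ip_addr" || { echo "invalid exit node IP: $ip_addr" >&2; return 1; }
    echo "ip route replace default dev $vpn_if table $table metric 10"
    echo "ip route replace blackhole default table $table metric 1000"
    echo "ip rule add from $ip_addr/32 lookup $table priority 1000"
}

# Dry run by default: only prints. Set APPLY=1 and run as root to apply.
if [ "${APPLY:-0}" = "1" ]; then
    build_rules "$EXIT_NODE_IP" "$VPN_IF" "$TABLE" |
        while read -r cmd; do $cmd || exit 1; done
else
    build_rules "$EXIT_NODE_IP" "$VPN_IF" "$TABLE"
fi
```

After applying, `ip rule show` and `ip route show table 100` on the router confirm the rule and both routes are present. DNS lookups made by client devices follow the resolver set in the Tailscale admin console, as noted earlier in the thread, so check that separately.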