this post was submitted on 08 Apr 2024
9 points (100.0% liked)
Tailscale
94 readers
1 users here now
A community for the Tailscale WireGuard-based VPN. https://tailscale.com/
founded 9 months ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I did it. Here's full config: https://bin.cat.casa/?9b6e81b89f08756a#HR7TPhgswUU3aDeqEqQxsf5nA6ivdeXjG1FHrscyfJCF
I've used 5050 for HTTPS and 5049 for HTTP.
@iso Thanks a lot! Are you using letsencrypt for tls or a reverse proxy? If letsencrypt, did you have to setup firewall rules for port 80 like mention here: https://headscale.net/tls/#http-01.
> Keep in mind, however, that Let's Encrypt will only connect to port 80 for the validation callback, so if you change tls_letsencrypt_listen you will also need to configure something else (e.g. a firewall rule) to forward the traffic from port 80 to the ip:port combination specified in tls_letsencrypt_listen.
Yeah forgot to mention that. I have redirected
vpn.mycompany.com:80
to port 5049 with Traefik.