im just curious, its gonna be a test, ive got school tomorrow, just gotta help it works, if anyone knows if it can i cannot wait for tmrw, please reply, thanks
UPDATE: IT WORKS, IM POSTING THIS ON SCHOOL WIFI NOT ON DATA, YESSSS
Don’t listen to that guy. The answer is “yes” given the exact conditions you mentioned. The only thing admins would see it that you’re routing all traffic through one (Tailscale) IP.
They could potentially block that IP but until then you’re fine as long as nobody bitches about it.
I wouldn’t advise trying to get around your network admins blocks and configuration. If you’re doing this as an exercise to learn, I’d suggest approaching them and having the discussion with them instead. You’d likely be breaking your schools computer use policy and could land yourself in varying degrees of trouble depending on where you are in the world.
Essentially, yes you probably could. You’d need the Pi at home running as an exit node, and then you’d need another tailscale device to use that exit node. All of your traffic would be encrypted between the two devices which would prevent any kind of snooping and would then be forwarded on by your exit node. The response would return via the same path. That’s assuming your school do not block VPN traffic on their network, and that you can install tailscale on the given device.
Once again, if you’re curious and looking to learn, go and speak to the IT team. Don’t mess around with their network, they will likely figure it out given they have experience running school networks.
Tailscale is one of the few setups that gets around the firewall at the office I work in. Normal VPN’s get blocked and even ZeroTier and Wireguard get blocked but somehow Tailscale manages to punch through and does exactly what you are looking to do.
Depending how blockers are set up. I’ve been to some schools where they blocked WireGuard.
WARP 1.1.1.1 works too but it does not allow you to connect to your local network at school or any other remote location. It does circumvent any content restrictions though.
Correct. Other dude makes no sense and is simply fear mongering. People use Tailscale exit nodes for remote working all the time so their company doesn’t see where they are. It’s not that complex.
I’m only planning to do this on my personal laptop as a test, and also like, idgaf about the school for all I care they can go fuck them selves
Bro is the kind of person to remind the teacher to assign homework 
It’s just using a different destination port …
This is the case at my school. I was able to use Open VPN, but Tailscale doesn’t seem to work.
You say it’s not that complex, and whilst Tailscale does work on my office network ZeroTier and Wireguard don’t so Tailscale is doing something that the others don’t/can’t.
You’re conflating a corporate environment with a school one. Different filters. And much different philosophies. So, yes, it may work, and at some point, it may stop working.
-
Corporate users often have to VPN. Schools often block VPN connections. Some even have Application Layer firewalls that specifically look for Wireguard and other VPN traffic types. Easily blockable in that case.
-
Corporate environments may have filtering but folks are adults. Schools have federally mandated rules and laws requiring them to block “obscene” content, whatever that is, and generally, that means blocking any means of circumventing blocks.
-
Most schools’ filtering systems are tracking and analyzing internet behavior. If something hasn’t been seen before, it may work, for now, but after it’s been classified, or different category blocks are applied, it may be blocked in the future. It may not be the end nodes that are blocked. It may be the coordination servers marking the traffic as TailScale that would be blocked in this case. I might know of a school that has a block like this for students…
So yay, it works. Enjoy it, but don’t make too much noise, because that can change. School techs do enjoy a good game of whack-a-mole, occasionally. Take it as you will. That’s just the way school tech works. (At least in some parts of the nation.)
Ignore these hand wringers. How about it and good luck!
Rather than take that attitude if you do get caught just say that because it worked you thought it must be approved and okay to do, after all why else would the admins allow it through.
I understand, but this is about “giving a fuck” about yourself rather than the school. Whether you like the school or not, you could get yourself in hot water from something like this. You want to be looking after yourself here. It’s up to you of course, but take it from someone who got in trouble as a kid for things like this, it’ll come back to bite you.
No, not really, but yes. The relay would over standard https port 443, which is why I looks like normal web traffic.
I mean for the end user lol. The end result is just a different IP that doesn’t change wherever you are.
You would likely be breaking the schools terms of service and yes could get in trouble if they found out and decided to do something about it.
Also depending if this is K-12, they potentially use whitelists which could prevent you from using Tailscale.
No, it doesn’t, any package inspection would catch that with no issue, but since most do not do that (too expensive) you can fly under the radar but only on UDP, which on its own is a huge red flag if you have UDP via 443 egressing your network. Any middle of the shelf network admin can block any of these attempts to make a remote connection by simply blocking UDP for egress. Which remember, why would anyone need UDP egress from any network that provides the few UDP services (like NTP) already on-site? Get my idea? Tailscale does not work “better” than pure wireguard. You can do the exact same thing with wireguard too.