Self-hosted VPN that can be accessed via browser extension

Currently I set up Tailscale in my Synology NAS and I can access selfhosted services on my phone using the Android app. I want to use some services in my work PC too but I’m blocked from installing any software. So my question is, is there any solution that allows me to connect to selfhosted VPN via browser extension? (Just like NordVPN, I can install the browser extension to use it and I don’t need the Windows app.)

BearOfaTime,

Configure the Funnel feature in Tailscale.

Funnel enables non-Tailscale clients to access specified resources in your Tailscale network via an encrypted tunnel provided by Tailscale.org.

bruhduh, (edited )
@bruhduh@lemmy.world avatar

github.com/MHSanaei/3x-ui plus foxyproxy or Proxy SwitchyOmega if you’re using chromiums

MonkderZweite, (edited )

Portable Apps or Scoop or if Linux, Appimage?

AtariDump, (edited )

I’d be very wary about trying to bypass any workplace restrictions (which includes using a non-company VPN etc. etc.) to access self-hosted services.

Remember, your work computer belongs to the business (unless you’re self employed).

Depending on your line of work this could range from a slap on the wrist onto immediate termination and fines.

BearOfaTime,

Also very good advice

RootBeerGuy,
@RootBeerGuy@discuss.tchncs.de avatar

Yeah, that is the unfortunate reality. The better way is going through your IT department to get those extra things you need for work. If you are found out, and I am sure IT will eventually be able to, you will be in trouble.

Moonrise2473,

Most “VPN” browser extensions (if not all of them) aren’t actually doing a VPN connection but just change the proxy setting in the browser. This is because as a browser extension they wouldn’t have enough permissions/power to establish a real VPN connection.

So if you want to use a browser extension you have to run a proxy server, or as other said, just use cloudflared as running a proxy server attracts bots from all over the world

valkyre09,

I use Cloudflare tunnels for this very reason, you can protect access to the page behind a login (I use azure AD).

It basically acts like a reverse proxy allowing me access to those local resources without anything being installed on the client computer.

thefactremains,

This is the right answer.

The only other solution I can think of would be to put a device in the middle (such as this router).

lemmyvore,

Or you can use the CF Tunnel equivalent from Tailscale, called Funnel.

tailscale.com/blog/reintroducing-serve-funnel

k4j8,

I had the same problem as OP. My solution was to port forward to my server but then block connections from all IP addresses accept from my work, which I added to an allowlist.

It’s working well so far, but I think the Cloudflare tunnel is the better option.

auf,

Not a direct solution, but I found an interesting feature named SSH console. It won’t enable you to access your NAS directly but instead open SSH in the browser to access it remotely. Then you can somehow put some file on another cloud to access it from host machine. I know it’s not what you want but you know, doesn’t need any software other than a browser this way ;)

tailscale.com/blog/ssh-console

redcalcium,

Maybe look into deploying a Socks5 proxy (e.g. socks5-server)? Then you can use socks5 browser extensions like FoxyProxy

lorentz,

shadowsocks.org should be a good option, easy to install, encrypted, and password protected

  • All
  • Subscribed
  • Moderated
  • Favorites
  • selfhosted@lemmy.world
  • GTA5RPClips
  • DreamBathrooms
  • thenastyranch
  • magazineikmin
  • osvaldo12
  • ethstaker
  • Youngstown
  • mdbf
  • slotface
  • rosin
  • ngwrru68w68
  • kavyap
  • tester
  • cisconetworking
  • megavids
  • InstantRegret
  • khanakhh
  • cubers
  • everett
  • Durango
  • tacticalgear
  • Leos
  • modclub
  • normalnudes
  • provamag3
  • anitta
  • JUstTest
  • lostlight
  • All magazines
    •