Which router should I get - Connect from remote location to use Home Internet

I wonder if anyone can help.

I am also looking for a small Device I can setup at home so that when I am abroad I can connect via VPN /internet to use home internet for work such that my location if monitored would show my usual home IP address. But I would also like Wifi if possible.

Thank in advance.

If you want a dedicated device, probably a Brume 2. But honestly these days I’d just install tailscale on a computer on your home network and set it up as an exit node. Done.

That said, my obligatory note that if your work is even halfway competent and they care, it is not hard to know you’re not at home unless you take some more extreme measures. That level of opsec takes a lot of dedication and discipline, and you only have to mess up once.

1 Like

To this scenario, I would activate in the exit node’s BIOS a magic packet to wake up the computer from outside and set up RDP to this node just in case if the company somehow checks the hardware.


I am new to Tailscale but managed to get it to work as expected by using on one of the GL.iNET routers to access the whole of my LAN as expected. Are you suggesting that I do not need to do this on the router level and just be able to access my whole LAN by installing Talescale on a computer within this LAN and access all the other clients from there? How does that work?


Let me know if you have problems

1 Like

Thank you very much indeed for the details. Will definitely look into this as well.

Without an exit node, only traffic bound for the LAN will actually go over the Tailscale interface - which may be what you want depending on your application. But yes, it’s basically the easiest way to set up a VPN server at the moment, and relies on something many people have sitting around

1 Like

Thanks again. Yes, I am starting to slowly get my head around it. What an amazing piece of networking tech and so glad that GL.iNET have managed to start its implementation on native UI. I hope that they will be able to iron out all the teething issues {with the help of the techies here like your good self).

Yeah, it’s undeniably slick. I personally prefer nebula for most uses, which I find to be faster and easier to maintain. That said, nebula doesn’t do exit-nodes or full tunnel routing because of technical reasons, so it’s not great for this application. Tailscale usually incurs a performance penalty on the order of OpenVPN (since most implementations are in userland), but it’s pretty crazy how well it just works.

1 Like

I do think the discussion goes in the wrong way.

In fact you are searching for a VPN solution. A VPN is build of 2 Endpoints. Your working device in your hands and a fixed endpoint with public reachable IP.

For the mobile solution I’ve started with the Beryl. Than I switched to the Slate AX and now I’ve stick with the Slate Plus.
The Beryl got the biggest storage at this time. Important for future updates and projets. The Slate AX has the greatest power in performance as well consumption, my wife is now happy with it. And the Slate Plus is perfect in physical size and power to transmit data.

For a mobile only gateway to your home, the Shadow also is a great device. Much smaller in size, but powerful enough to get access with a few clients from the hotel or camping site.

The much more complicated work is on the other site. You can use a VPN provider, but in this case you are able to say in which country your IP comes from, but not from your home.
Solution 1: Buy a second GL-Inet router. As a Server the Mango would du, but in my home Network, I would rather place something like the Brume 2 or Slate AX. Who knows if it will be uses as a guest network or other projects in future.
Solution 2: I have some Proxmox hosts running, with a bunch of virtual machines. So I just installed another LXC container with Linux as OS and a wireguard server. But you should have se experience with servers, networks and so on. Else use Solutuion 1.

1 Like

How so? Tailscale is a modern mesh VPN. It can accomplish exactly what the OP is trying to do. Saying a VPN is “built of 2 endpoints” is an old paradigm that is increasingly at odds with a push to zero-trust topologies.

This is precisely why Tailscale is such a good solution, particularly for people who want - as you will note the OP does - to have their IP show up from home, not from another VPN provider. Of course the solutions you note in the post work, but as you note they require some level of expertise. The fact that you can install a program on a Windows PC and click a couple of buttons to get a working VPN endpoint at your house that handles all of the firewalling and NAT-traversal for you is hugely valuable. (I try to think of “could my father do it?” as a good normalizing question here. For Tailscale, the answer is yes. For anything else, the answer is no.)

Again, I would be quite interested to know exactly why you think this discussion is going in the wrong direction.

Maybe, because I am too old for this new world.

I couldn’t imagine someone is able to build a VPN Infrastructure, build a Gateway and say ‘this GW over this net is your exit’, and think this is easier than set up something like a Raspberry Pi, setup a VPN Server and say this is a cascading router/gateway.

If there is a one-click solution. Great, pay for it as long as the provider is trustworthy.

But again, this is my small and dusty view of the world. I am not an expert. Just some random guy with internet and some experience.
If any answer here is better than mine, and works for the situation: Fine for me, I don’t need to be right.

Many thanks to you and everyone else, I forgot to mention at the Moment I have a Mango gl router which I have had for a while but dug it out yesterday updated the firmware and setup Openvpn which works on it, However I would like to upgrade that as well and perhaps pick up the Brume 2 / Slate AX as suggested.

I wasnt away of Tailscale until yesterday! I have setup tailscale on an always on Windows 2019 Server I have at home with on Homeassistant running on Virtualbox and also set it as the exit node.

IF go for the Slate AX because of Wifi, is it safe it will be able to do everything I want to achieve if I went with the Brume 2?

Edit:- Can Tailscale be installed on the glinet routers so that it connect to the home tailscale and use that as the exit node?

Many thanks in advance.

1 Like

Yup. You’ll be good to go.

Did I mention it’s free for up to 20 devices, or you can self-host your own control server if you don’t trust the provider?

I’d encourage you to look into it. It’s all powered by WireGuard underneath, but the real magic is in automatically configuring and connecting clients, along with all sorts of goodies you don’t get in a normal WG install (e.g. key rotation, etc.). The control server merely connects clients together and manages access lists, where WireGuard does the tunnel building piece.

I was skeptical that it would be useful at first too (after all, I’ve got a decade-old OpenVPN solution I’m still using in production), but I’m really thinking hard about how to integrate it into what we’re doing (with a self-hosted control server, of course).

Again, I’d encourage you to look at it. Install two clients, click “allow-exit-node” on one of them, go to the admin interface and enable that route, then click “use exit node” on the other client. Done. And it’s a one-click change between exit nodes.

I don’t need to be right either, but I was a bit taken aback by your assertion that my proposed solution was “in the wrong direction” - particularly when from my perspective it’s the easiest way for the OP to get things set up (as he’s confirmed he was able to do). It just seemed like a pretty aggressive statement in the context of the thread. Perhaps that’s not how it was intended, but it came across as, “Look guys, you’re talking about this non-VPN thing and it’s not a solution for the problem.”


One last question please, Can Tailscale be installed on the Slate AX so I use it to connect to the Home instance as exit node?

Thank you so much

Not yet, at least not without a custom firmware builds. GL.iNet say they are working on this.

Yeah, the problem is that exit node functionality doesn’t work yet - or at least it didn’t work as of two days ago, even if you set it in the CLI. It’s possible that it’s fixed in the latest snapshot, but I’m not holding my breath.

1 Like

Please don’t get offended by a random guy with half knowledge in the internet.

I have had in mind Taliscale don’t work well on all Gl-Inet devices. So I thought it is a little much to install packages over Luci, compile some sources or use a custom (even OpenWRT images) firmware, based on this basic question.
And when I read the latest reply, maybe I remembered it right. But everything that works is a solution.

Sounds promising. Especially the selfhosting and configurable Exit-Node.
I don’t think 20 devices is enough for me. I have now 53 configurations on my Wireguard Server. If I’d clean up, maybe 3 or 4 less. But it sounds interesting, I will take a look, if Gl-Inet is supporting it by default.


If you want to self-host, you’ll want to look at headscale. The process is pretty straightforward. It takes a little getting used to the new paradigm (e.g. have your VPN installed everywhere and use the magicdns to route things), but it’s really pretty useful once you do. It’s honestly to the point where I would feel comfortable not running a VPN at all on the router and just running it on clients behind the router.

It would be nice if GL.iNet could get decent support together, but it’s not there yet. And there’s a real performance penalty (think OpenVPN, not WireGuard). But unless you’re doing heavy network traffic a lot, it’s really a great solution.

1 Like