Categories
Security

Tailscale mesh VPN

I’m a big fan of Tailscale ever since I heard about it. I connect my devices, but I always had an issue with not being able to route traffic for specific domains through the exit node. Something like split tunneling via the exit node. The main problem was that I just couldn’t find this feature, and LLMs sent me on a wild goose chase trying to achieve this with network hacks. None of them worked.

What I didn’t know is that this feature has existed for a while and is called App Connectors.

An app connector is a device with a tag-based identity that you configure to route traffic for a specific application. App connectors let you control access to third-party and software as a service (SaaS) applications available over your Tailscale network (known as a tailnet) in the same way that you would for self-hosted applications.

https://tailscale.com/kb/1281/app-connectors (2025-04-25)

This is the feature I was looking for all along but couldn’t find. With it, I’m able to send specific traffic through the ‘exit node,’ which is referred to as an app connector in this case.

This is what it looks like in the admin overview.

https://login.tailscale.com/admin/machines (2025-04-24)

You will be adding the app with the domains you want to route through the connector.

https://login.tailscale.com/admin/apps/custom-app (2025-04-24)

Then those IPs are no longer emerging from your regular network connection but are selectively routed through the connector. This is opposed to an exit node, which routes all outgoing traffic.

https://www.ipchicken.com/ (2025-04-24)

Domains

For services to function properly, they often need multiple domains to be routed in the same way. The git repository v2fly attempts to track this information and can help you find the domains you want to select.

Google Chromecast TV

I also use a Chromecast TV at my vacation home and like to stream content from my Plex instance at home. Unfortunately, the Tailscale app isn’t available on the Play Store for Chromecast TVs. However, I found a Reddit thread with a link that lets you enroll in the beta program for the Tailscale app using your Google account. Once enrolled, it becomes available for installation from the Play Store.

https://www.reddit.com/r/Tailscale/comments/1c69w8a/chromecast_not_able_to_download_tailscale_after/ (2025-04-24)

This is working flawlessly for me and was a great find; I wanted to reshare here.

https://play.google.com/apps/testing/com.tailscale.ipn (2025-04-25)

App: Tailscale // Welcome to the testing program.