alt Hacker NewsFor me, the benefit was simple: I blocked off ssh and Postgres on my production server from the public internet, making it such that these are only accessible from my development machine and other servers. Yet from inside the tailnet I can still talk to Postgres as if it was on LAN. I’m not sure of any easy way to do this without Tailscale.
Any VPN (including WireGuard) would allow you to do the same, and this in indeed how the systems are usually set up. Tailscale just makes the setup a bit easier, though for this use-case not by much, imho.