Self-hosted VPN that can be accessed via browser extension
Currently I set up Tailscale in my Synology NAS and I can access selfhosted services on my phone using the Android app. I want to use some services in my work PC too but I'm blocked from installing any software. So my question is, is there any solution that allows me to connect to selfhosted VPN via browser extension? (Just like NordVPN, I can install the browser extension to use it and I don't need the Windows app.)
I use Cloudflare tunnels for this very reason, you can protect access to the page behind a login (I use azure AD).
It basically acts like a reverse proxy allowing me access to those local resources without anything being installed on the client computer.
This is the right answer.
The only other solution I can think of would be to put a device in the middle (such as this router).
Or you can use the CF Tunnel equivalent from Tailscale, called Funnel.
https://tailscale.com/blog/reintroducing-serve-funnel
I had the same problem as OP. My solution was to port forward to my server but then block connections from all IP addresses accept from my work, which I added to an allowlist.
It's working well so far, but I think the Cloudflare tunnel is the better option.
Maybe look into deploying a Socks5 proxy (e.g. socks5-server)? Then you can use socks5 browser extensions like FoxyProxy
https://shadowsocks.org/ should be a good option, easy to install, encrypted, and password protected
Most "VPN" browser extensions (if not all of them) aren't actually doing a VPN connection but just change the proxy setting in the browser. This is because as a browser extension they wouldn't have enough permissions/power to establish a real VPN connection.
So if you want to use a browser extension you have to run a proxy server, or as other said, just use cloudflared as running a proxy server attracts bots from all over the world
https://github.com/MHSanaei/3x-ui plus foxyproxy or Proxy SwitchyOmega if you're using chromiums
Configure the Funnel feature in Tailscale.
Funnel enables non-Tailscale clients to access specified resources in your Tailscale network via an encrypted tunnel provided by Tailscale.org.
Portable Apps or Scoop or if Linux, Appimage?
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
3 acronyms in this thread; the most compressed thread commented on today has 8 acronyms.
[Thread #387 for this sub, first seen 30th Dec 2023, 10:35] [FAQ] [Full list] [Contact] [Source code]