[{"data":1,"prerenderedAt":1454},["ShallowReactive",2],{"tech-tailscale-vpn-exit-node":3},{"id":4,"title":5,"author":6,"body":7,"category":1438,"date":1439,"description":1440,"extension":1441,"image":1442,"meta":1443,"navigation":176,"path":1444,"readingTime":1445,"seo":1446,"stem":1447,"tags":1448,"__hash__":1453},"tech\u002Ftech\u002Ftailscale-vpn-exit-node.md","Tailscale VPN di VPS — Bypass Blokiran Internet dengan Mudah","Zainul Fanani",{"type":8,"value":9,"toc":1410},"minimark",[10,30,35,38,41,48,53,64,67,71,220,223,226,230,252,255,259,338,341,345,348,376,379,383,390,470,484,508,512,515,557,560,564,596,599,602,614,617,621,624,645,648,718,737,742,745,848,851,855,866,869,928,934,938,1019,1022,1025,1035,1042,1046,1050,1065,1069,1085,1089,1098,1102,1114,1117,1121,1164,1167,1171,1203,1207,1213,1219,1225,1237,1243,1249,1252,1290,1297,1302,1337,1340,1344,1351,1360,1363,1367,1370,1373,1390,1393,1396,1406],[11,12,13],"blockquote",{},[14,15,16,17,21,22,29],"p",{},"📎 ",[18,19,20],"strong",{},"Source:"," ",[23,24,28],"a",{"href":25,"rel":26},"https:\u002F\u002Fgithub.com\u002Ffanani-radian\u002Fopenclaw-sumopod",[27],"nofollow","openclaw-sumopod"," — view on GitHub & star ⭐",[31,32,34],"h1",{"id":33},"tailscale-vpn-di-vps-bypass-blokiran-internet-gak-pake-ribet","Tailscale VPN di VPS — Bypass Blokiran Internet Gak Pake Ribet",[14,36,37],{},"Pernah ngerasa kesel gara-gara Reddit keblokir? Atau pengen browsing tanpa ISP ngintip tiap aktivitas kamu di internet? Di Indonesia, blokir situs itu sudah kayak makan siang — tiap kali ada yang baru, pasti masuk list Kemenkominfo.",[14,39,40],{},"Nah, daripada pakai VPN komersial yang bayar per bulan, bandwidth terbatas, dan privacy policy-nya questionable... kenapa nggak bikin sendiri?",[14,42,43,44,47],{},"Tutorial ini bakal ngajarin kamu setup ",[18,45,46],{},"Tailscale sebagai exit node di VPS",". Gratis, cepet, dan kamu yang pegang kendali penuh.",[49,50,52],"h2",{"id":51},"kenapa-tailscale","Kenapa Tailscale?",[14,54,55,56,59,60,63],{},"Banyak tutorial VPN nunjukkin ke layanan komersial. Fee bulanan, bandwidth dibatasi, privacy policy yang bikin geleng-geleng. Tailscale beda — ",[18,57,58],{},"gratis"," buat personal use, dibangun di atas ",[18,61,62],{},"WireGuard"," (standar emas buat VPN encryption), dan setup-nya gampang banget.",[14,65,66],{},"Bayangin gini: daripada nyewa server orang lain, kamu pakai server kamu sendiri. Full control. Nggak ada logging. Nggak ada bandwidth limit. Nggak ada middleman.",[49,68,70],{"id":69},"cara-kerjanya","Cara Kerjanya",[72,73,78],"pre",{"className":74,"code":75,"language":76,"meta":77,"style":77},"language-mermaid shiki shiki-themes github-light github-dark","graph LR\n    subgraph Device Kamu\n        A[Phone]\n        B[Laptop]\n        C[Tablet]\n    end\n    subgraph Tailscale Network\n        D[Tailscale Mesh]\n    end\n    subgraph VPS\n        E[Tailscale Daemon]\n        F[Exit Node]\n        G[iptables NAT]\n    end\n    H[Internet]\n\n    A --> D\n    B --> D\n    C --> D\n    D -->|Encrypted Tunnel| E\n    E --> F\n    F --> G\n    G --> H\n","mermaid","",[79,80,81,89,95,101,107,113,119,125,131,136,142,148,154,160,165,171,178,184,190,196,202,208,214],"code",{"__ignoreMap":77},[82,83,86],"span",{"class":84,"line":85},"line",1,[82,87,88],{},"graph LR\n",[82,90,92],{"class":84,"line":91},2,[82,93,94],{},"    subgraph Device Kamu\n",[82,96,98],{"class":84,"line":97},3,[82,99,100],{},"        A[Phone]\n",[82,102,104],{"class":84,"line":103},4,[82,105,106],{},"        B[Laptop]\n",[82,108,110],{"class":84,"line":109},5,[82,111,112],{},"        C[Tablet]\n",[82,114,116],{"class":84,"line":115},6,[82,117,118],{},"    end\n",[82,120,122],{"class":84,"line":121},7,[82,123,124],{},"    subgraph Tailscale Network\n",[82,126,128],{"class":84,"line":127},8,[82,129,130],{},"        D[Tailscale Mesh]\n",[82,132,134],{"class":84,"line":133},9,[82,135,118],{},[82,137,139],{"class":84,"line":138},10,[82,140,141],{},"    subgraph VPS\n",[82,143,145],{"class":84,"line":144},11,[82,146,147],{},"        E[Tailscale Daemon]\n",[82,149,151],{"class":84,"line":150},12,[82,152,153],{},"        F[Exit Node]\n",[82,155,157],{"class":84,"line":156},13,[82,158,159],{},"        G[iptables NAT]\n",[82,161,163],{"class":84,"line":162},14,[82,164,118],{},[82,166,168],{"class":84,"line":167},15,[82,169,170],{},"    H[Internet]\n",[82,172,174],{"class":84,"line":173},16,[82,175,177],{"emptyLinePlaceholder":176},true,"\n",[82,179,181],{"class":84,"line":180},17,[82,182,183],{},"    A --> D\n",[82,185,187],{"class":84,"line":186},18,[82,188,189],{},"    B --> D\n",[82,191,193],{"class":84,"line":192},19,[82,194,195],{},"    C --> D\n",[82,197,199],{"class":84,"line":198},20,[82,200,201],{},"    D -->|Encrypted Tunnel| E\n",[82,203,205],{"class":84,"line":204},21,[82,206,207],{},"    E --> F\n",[82,209,211],{"class":84,"line":210},22,[82,212,213],{},"    F --> G\n",[82,215,217],{"class":84,"line":216},23,[82,218,219],{},"    G --> H\n",[14,221,222],{},"Jadi ceritanya gini: device kamu konek ke VPS lewat encrypted tunnel. ISP kamu cuma lihat data ter-encrypt, nggak ngerti isinya apa. Website yang kamu kunjungi ngeliat IP VPS kamu, bukan IP rumah. Dan kamu bisa akses internet tanpa batasan.",[14,224,225],{},"Simple kan? Tapi implementasinya ada beberapa step yang perlu diperhatiin. Let's go.",[49,227,229],{"id":228},"yang-kamu-butuhkan","Yang Kamu Butuhkan",[231,232,233,243,246,249],"ul",{},[234,235,236,237,242],"li",{},"VPS dengan Linux (aku pakai ",[23,238,241],{"href":239,"rel":240},"https:\u002F\u002Fsumopod.com",[27],"SumoPod"," — murah dan kencang)",[234,244,245],{},"Akses root via SSH",[234,247,248],{},"Akun Tailscale gratis",[234,250,251],{},"15 menit waktu luang",[14,253,254],{},"Nggak perlu hardware khusus. Nggak perlu software berbayar. Cukup VPS murah dan akun Tailscale gratis — itu saja.",[49,256,258],{"id":257},"gambaran-setup","Gambaran Setup",[72,260,262],{"className":74,"code":261,"language":76,"meta":77,"style":77},"flowchart TD\n    A[Start] --> B[Install Tailscale]\n    B --> C[Bikin systemd service]\n    C --> D[Aktifin IP forwarding]\n    D --> E[Jalankan Tailscale daemon]\n    E --> F[Setup iptables NAT]\n    F --> G[Advertise exit node]\n    G --> H[Buka UDP 41641 buat speed]\n    H --> I[Setup device client]\n    I --> J[Done!]\n\n    style A fill:#4CAF50,color:#fff\n    style J fill:#4CAF50,color:#fff\n    style C fill:#FF9800,color:#fff\n    style F fill:#FF9800,color:#fff\n",[79,263,264,269,274,279,284,289,294,299,304,309,314,318,323,328,333],{"__ignoreMap":77},[82,265,266],{"class":84,"line":85},[82,267,268],{},"flowchart TD\n",[82,270,271],{"class":84,"line":91},[82,272,273],{},"    A[Start] --> B[Install Tailscale]\n",[82,275,276],{"class":84,"line":97},[82,277,278],{},"    B --> C[Bikin systemd service]\n",[82,280,281],{"class":84,"line":103},[82,282,283],{},"    C --> D[Aktifin IP forwarding]\n",[82,285,286],{"class":84,"line":109},[82,287,288],{},"    D --> E[Jalankan Tailscale daemon]\n",[82,290,291],{"class":84,"line":115},[82,292,293],{},"    E --> F[Setup iptables NAT]\n",[82,295,296],{"class":84,"line":121},[82,297,298],{},"    F --> G[Advertise exit node]\n",[82,300,301],{"class":84,"line":127},[82,302,303],{},"    G --> H[Buka UDP 41641 buat speed]\n",[82,305,306],{"class":84,"line":133},[82,307,308],{},"    H --> I[Setup device client]\n",[82,310,311],{"class":84,"line":138},[82,312,313],{},"    I --> J[Done!]\n",[82,315,316],{"class":84,"line":144},[82,317,177],{"emptyLinePlaceholder":176},[82,319,320],{"class":84,"line":150},[82,321,322],{},"    style A fill:#4CAF50,color:#fff\n",[82,324,325],{"class":84,"line":156},[82,326,327],{},"    style J fill:#4CAF50,color:#fff\n",[82,329,330],{"class":84,"line":162},[82,331,332],{},"    style C fill:#FF9800,color:#fff\n",[82,334,335],{"class":84,"line":167},[82,336,337],{},"    style F fill:#FF9800,color:#fff\n",[14,339,340],{},"Step yang warna oranye itu yang paling sering dilewatin kebanyakan tutorial. Padahal itu bedanya antara \"technically jalan\" dan \"beneran reliable di daily use.\"",[49,342,344],{"id":343},"step-1-install-tailscale-di-vps","Step 1: Install Tailscale di VPS",[14,346,347],{},"SSH ke VPS kamu, lalu jalankan:",[72,349,353],{"className":350,"code":351,"language":352,"meta":77,"style":77},"language-bash shiki shiki-themes github-light github-dark","curl -fsSL https:\u002F\u002Ftailscale.com\u002Finstall.sh | sh\n","bash",[79,354,355],{"__ignoreMap":77},[82,356,357,361,365,369,373],{"class":84,"line":85},[82,358,360],{"class":359},"sScJk","curl",[82,362,364],{"class":363},"sj4cs"," -fsSL",[82,366,368],{"class":367},"sZZnC"," https:\u002F\u002Ftailscale.com\u002Finstall.sh",[82,370,372],{"class":371},"szBVR"," |",[82,374,375],{"class":359}," sh\n",[14,377,378],{},"Tunggu sampai selesai. Gampang kan? Step selanjutnya yang agak tricky.",[49,380,382],{"id":381},"step-2-bikin-systemd-service","Step 2: Bikin systemd Service",[14,384,385,386,389],{},"Di distro RHEL-based (CentOS, AlmaLinux, OpenCloudOS), installer Tailscale ",[18,387,388],{},"nggak otomatis"," bikin systemd service. Kamu harus bikin sendiri. Ini step yang paling sering bikin orang bingung.",[72,391,393],{"className":350,"code":392,"language":352,"meta":77,"style":77},"cat > \u002Fetc\u002Fsystemd\u002Fsystem\u002Ftailscaled.service \u003C\u003C EOF\n[Unit]\nDescription=Tailscale node daemon\nAfter=network.target\n\n[Service]\nExecStart=\u002Fusr\u002Flocal\u002Fbin\u002Ftailscaled --tun=tailscaled --state=\u002Fvar\u002Flib\u002Ftailscale\u002Ftailscaled.state\nRestart=on-failure\nLimitNOFILE=65536\n\n[Install]\nWantedBy=multi-user.target\nEOF\n",[79,394,395,412,417,422,427,431,436,441,446,451,455,460,465],{"__ignoreMap":77},[82,396,397,400,403,406,409],{"class":84,"line":85},[82,398,399],{"class":359},"cat",[82,401,402],{"class":371}," >",[82,404,405],{"class":367}," \u002Fetc\u002Fsystemd\u002Fsystem\u002Ftailscaled.service",[82,407,408],{"class":371}," \u003C\u003C",[82,410,411],{"class":367}," EOF\n",[82,413,414],{"class":84,"line":91},[82,415,416],{"class":367},"[Unit]\n",[82,418,419],{"class":84,"line":97},[82,420,421],{"class":367},"Description=Tailscale node daemon\n",[82,423,424],{"class":84,"line":103},[82,425,426],{"class":367},"After=network.target\n",[82,428,429],{"class":84,"line":109},[82,430,177],{"emptyLinePlaceholder":176},[82,432,433],{"class":84,"line":115},[82,434,435],{"class":367},"[Service]\n",[82,437,438],{"class":84,"line":121},[82,439,440],{"class":367},"ExecStart=\u002Fusr\u002Flocal\u002Fbin\u002Ftailscaled --tun=tailscaled --state=\u002Fvar\u002Flib\u002Ftailscale\u002Ftailscaled.state\n",[82,442,443],{"class":84,"line":127},[82,444,445],{"class":367},"Restart=on-failure\n",[82,447,448],{"class":84,"line":133},[82,449,450],{"class":367},"LimitNOFILE=65536\n",[82,452,453],{"class":84,"line":138},[82,454,177],{"emptyLinePlaceholder":176},[82,456,457],{"class":84,"line":144},[82,458,459],{"class":367},"[Install]\n",[82,461,462],{"class":84,"line":150},[82,463,464],{"class":367},"WantedBy=multi-user.target\n",[82,466,467],{"class":84,"line":156},[82,468,469],{"class":367},"EOF\n",[14,471,472,475,476,479,480,483],{},[18,473,474],{},"Detail penting:"," flag ",[79,477,478],{},"--tun=tailscaled",". Tanpa flag ini, Tailscale jalan di mode userspace networking — dan ini ",[18,481,482],{},"nggak bisa"," difungsikan sebagai exit node. Jadi jangan sampai lupa ya.",[72,485,487],{"className":350,"code":486,"language":352,"meta":77,"style":77},"mkdir -p \u002Fvar\u002Flib\u002Ftailscale\nsystemctl daemon-reload\n",[79,488,489,500],{"__ignoreMap":77},[82,490,491,494,497],{"class":84,"line":85},[82,492,493],{"class":359},"mkdir",[82,495,496],{"class":363}," -p",[82,498,499],{"class":367}," \u002Fvar\u002Flib\u002Ftailscale\n",[82,501,502,505],{"class":84,"line":91},[82,503,504],{"class":359},"systemctl",[82,506,507],{"class":367}," daemon-reload\n",[49,509,511],{"id":510},"step-3-aktifin-ip-forwarding","Step 3: Aktifin IP Forwarding",[14,513,514],{},"Supaya VPS bisa meneruskan traffic dari device kamu ke internet, IP forwarding harus di-enable:",[72,516,518],{"className":350,"code":517,"language":352,"meta":77,"style":77},"cat > \u002Fetc\u002Fsysctl.d\u002F99-tailscale.conf \u003C\u003C EOF\nnet.ipv4.ip_forward = 1\nnet.ipv6.conf.all.forwarding = 1\nEOF\nsysctl -p \u002Fetc\u002Fsysctl.d\u002F99-tailscale.conf\n",[79,519,520,533,538,543,547],{"__ignoreMap":77},[82,521,522,524,526,529,531],{"class":84,"line":85},[82,523,399],{"class":359},[82,525,402],{"class":371},[82,527,528],{"class":367}," \u002Fetc\u002Fsysctl.d\u002F99-tailscale.conf",[82,530,408],{"class":371},[82,532,411],{"class":367},[82,534,535],{"class":84,"line":91},[82,536,537],{"class":367},"net.ipv4.ip_forward = 1\n",[82,539,540],{"class":84,"line":97},[82,541,542],{"class":367},"net.ipv6.conf.all.forwarding = 1\n",[82,544,545],{"class":84,"line":103},[82,546,469],{"class":367},[82,548,549,552,554],{"class":84,"line":109},[82,550,551],{"class":359},"sysctl",[82,553,496],{"class":363},[82,555,556],{"class":367}," \u002Fetc\u002Fsysctl.d\u002F99-tailscale.conf\n",[14,558,559],{},"Kalau output-nya nol error, berarti udah berhasil. Lanjut.",[49,561,563],{"id":562},"step-4-start-dan-auth","Step 4: Start dan Auth",[72,565,567],{"className":350,"code":566,"language":352,"meta":77,"style":77},"systemctl enable --now tailscaled\ntailscale up --advertise-exit-node --accept-routes\n",[79,568,569,582],{"__ignoreMap":77},[82,570,571,573,576,579],{"class":84,"line":85},[82,572,504],{"class":359},[82,574,575],{"class":367}," enable",[82,577,578],{"class":363}," --now",[82,580,581],{"class":367}," tailscaled\n",[82,583,584,587,590,593],{"class":84,"line":91},[82,585,586],{"class":359},"tailscale",[82,588,589],{"class":367}," up",[82,591,592],{"class":363}," --advertise-exit-node",[82,594,595],{"class":363}," --accept-routes\n",[14,597,598],{},"Command terakhir bakal nge-output URL. Buka URL itu di browser, login, dan authorize VPS kamu.",[14,600,601],{},"Udah? Cek status-nya:",[72,603,605],{"className":350,"code":604,"language":352,"meta":77,"style":77},"tailscale status\n",[79,606,607],{"__ignoreMap":77},[82,608,609,611],{"class":84,"line":85},[82,610,586],{"class":359},[82,612,613],{"class":367}," status\n",[14,615,616],{},"Kalau keliatan device kamu di list, berarti udah konek.",[49,618,620],{"id":619},"step-5-setup-nat","Step 5: Setup NAT",[14,622,623],{},"Ini bagian yang bikin traffic dari device kamu bisa keluar ke internet lewat VPS. Pertama, cek nama interface network kamu:",[72,625,627],{"className":350,"code":626,"language":352,"meta":77,"style":77},"ip route | grep default\n",[79,628,629],{"__ignoreMap":77},[82,630,631,634,637,639,642],{"class":84,"line":85},[82,632,633],{"class":359},"ip",[82,635,636],{"class":367}," route",[82,638,372],{"class":371},[82,640,641],{"class":359}," grep",[82,643,644],{"class":367}," default\n",[14,646,647],{},"Lalu setup iptables NAT:",[72,649,651],{"className":350,"code":650,"language":352,"meta":77,"style":77},"iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE\niptables -A FORWARD -i tailscale0 -j ACCEPT\niptables -A FORWARD -o tailscale0 -j ACCEPT\n",[79,652,653,682,702],{"__ignoreMap":77},[82,654,655,658,661,664,667,670,673,676,679],{"class":84,"line":85},[82,656,657],{"class":359},"iptables",[82,659,660],{"class":363}," -t",[82,662,663],{"class":367}," nat",[82,665,666],{"class":363}," -A",[82,668,669],{"class":367}," POSTROUTING",[82,671,672],{"class":363}," -o",[82,674,675],{"class":367}," eth0",[82,677,678],{"class":363}," -j",[82,680,681],{"class":367}," MASQUERADE\n",[82,683,684,686,688,691,694,697,699],{"class":84,"line":91},[82,685,657],{"class":359},[82,687,666],{"class":363},[82,689,690],{"class":367}," FORWARD",[82,692,693],{"class":363}," -i",[82,695,696],{"class":367}," tailscale0",[82,698,678],{"class":363},[82,700,701],{"class":367}," ACCEPT\n",[82,703,704,706,708,710,712,714,716],{"class":84,"line":97},[82,705,657],{"class":359},[82,707,666],{"class":363},[82,709,690],{"class":367},[82,711,672],{"class":363},[82,713,696],{"class":367},[82,715,678],{"class":363},[82,717,701],{"class":367},[14,719,720,726,727,729,730,729,733,736],{},[18,721,722,723],{},"Ganti ",[79,724,725],{},"eth0"," dengan nama interface kamu kalau beda. Biasanya ",[79,728,725],{}," atau ",[79,731,732],{},"ens3",[79,734,735],{},"enp1s0",".",[738,739,741],"h3",{"id":740},"biar-iptables-rules-nggak-hilang-pas-reboot","Biar iptables Rules Nggak Hilang Pas Reboot",[14,743,744],{},"Ini juga sering kena. Setup lancar, tapi pas VPS reboot... traffic mati. Penyebabnya: iptables rules nggak persistent. Fix-nya gini:",[72,746,748],{"className":350,"code":747,"language":352,"meta":77,"style":77},"iptables-save > \u002Fetc\u002Fiptables.rules\n\ncat > \u002Fetc\u002Fsystemd\u002Fsystem\u002Fiptables-restore.service \u003C\u003C EOF\n[Unit]\nDescription=Restore iptables rules\nBefore=network-pre.target\nWants=network-pre.target\n\n[Service]\nType=oneshot\nExecStart=\u002Fusr\u002Fsbin\u002Fiptables-restore \u002Fetc\u002Fiptables.rules\nRemainAfterExit=yes\n\n[Install]\nWantedBy=multi-user.target\nEOF\n\nsystemctl enable iptables-restore\n",[79,749,750,760,764,777,781,786,791,796,800,804,809,814,819,823,827,831,835,839],{"__ignoreMap":77},[82,751,752,755,757],{"class":84,"line":85},[82,753,754],{"class":359},"iptables-save",[82,756,402],{"class":371},[82,758,759],{"class":367}," \u002Fetc\u002Fiptables.rules\n",[82,761,762],{"class":84,"line":91},[82,763,177],{"emptyLinePlaceholder":176},[82,765,766,768,770,773,775],{"class":84,"line":97},[82,767,399],{"class":359},[82,769,402],{"class":371},[82,771,772],{"class":367}," \u002Fetc\u002Fsystemd\u002Fsystem\u002Fiptables-restore.service",[82,774,408],{"class":371},[82,776,411],{"class":367},[82,778,779],{"class":84,"line":103},[82,780,416],{"class":367},[82,782,783],{"class":84,"line":109},[82,784,785],{"class":367},"Description=Restore iptables rules\n",[82,787,788],{"class":84,"line":115},[82,789,790],{"class":367},"Before=network-pre.target\n",[82,792,793],{"class":84,"line":121},[82,794,795],{"class":367},"Wants=network-pre.target\n",[82,797,798],{"class":84,"line":127},[82,799,177],{"emptyLinePlaceholder":176},[82,801,802],{"class":84,"line":133},[82,803,435],{"class":367},[82,805,806],{"class":84,"line":138},[82,807,808],{"class":367},"Type=oneshot\n",[82,810,811],{"class":84,"line":144},[82,812,813],{"class":367},"ExecStart=\u002Fusr\u002Fsbin\u002Fiptables-restore \u002Fetc\u002Fiptables.rules\n",[82,815,816],{"class":84,"line":150},[82,817,818],{"class":367},"RemainAfterExit=yes\n",[82,820,821],{"class":84,"line":156},[82,822,177],{"emptyLinePlaceholder":176},[82,824,825],{"class":84,"line":162},[82,826,459],{"class":367},[82,828,829],{"class":84,"line":167},[82,830,464],{"class":367},[82,832,833],{"class":84,"line":173},[82,834,469],{"class":367},[82,836,837],{"class":84,"line":180},[82,838,177],{"emptyLinePlaceholder":176},[82,840,841,843,845],{"class":84,"line":186},[82,842,504],{"class":359},[82,844,575],{"class":367},[82,846,847],{"class":367}," iptables-restore\n",[14,849,850],{},"Sekarang iptables rules bakal auto-restore setiap VPS boot. Aman.",[49,852,854],{"id":853},"step-6-optimasi-speed","Step 6: Optimasi Speed",[14,856,857,858,861,862,865],{},"Tailscale sebenarnya coba bikin koneksi ",[18,859,860],{},"direct P2P"," antara device kamu dan VPS. Tapi kalau gagal (biasanya karena port tertutup), traffic bakal lewat ",[18,863,864],{},"relay server"," — dan ini jauh lebih lambat.",[14,867,868],{},"Buka port 41641 di iptables:",[72,870,872],{"className":350,"code":871,"language":352,"meta":77,"style":77},"iptables -I INPUT -p udp --dport 41641 -j ACCEPT\niptables -I INPUT -p tcp --dport 41641 -j ACCEPT\niptables-save > \u002Fetc\u002Fiptables.rules\n",[79,873,874,899,920],{"__ignoreMap":77},[82,875,876,878,881,884,886,889,892,895,897],{"class":84,"line":85},[82,877,657],{"class":359},[82,879,880],{"class":363}," -I",[82,882,883],{"class":367}," INPUT",[82,885,496],{"class":363},[82,887,888],{"class":367}," udp",[82,890,891],{"class":363}," --dport",[82,893,894],{"class":363}," 41641",[82,896,678],{"class":363},[82,898,701],{"class":367},[82,900,901,903,905,907,909,912,914,916,918],{"class":84,"line":91},[82,902,657],{"class":359},[82,904,880],{"class":363},[82,906,883],{"class":367},[82,908,496],{"class":363},[82,910,911],{"class":367}," tcp",[82,913,891],{"class":363},[82,915,894],{"class":363},[82,917,678],{"class":363},[82,919,701],{"class":367},[82,921,922,924,926],{"class":84,"line":97},[82,923,754],{"class":359},[82,925,402],{"class":371},[82,927,759],{"class":367},[14,929,930,933],{},[18,931,932],{},"Dan jangan lupa"," buka juga UDP 41641 di firewall dashboard VPS provider kamu. Kebanyakan orang cuma buka di iptables, tapi lupa di provider dashboard. Hasilnya? Tetap lewat relay.",[738,935,937],{"id":936},"direct-vs-relay-bedanya-signifikan-banget","Direct vs Relay — Bedanya Signifikan Banget",[72,939,941],{"className":74,"code":940,"language":76,"meta":77,"style":77},"graph TB\n    subgraph Direct [Direct P2P - Full Speed]\n        A1[Phone Kamu] -->|WireGuard Encrypted| A2[VPS]\n        A2 --> A3[Internet]\n        A1 -.->|200 Mbps| A3\n    end\n\n    subgraph Relay [DERP Relay - Bottlenecked]\n        B1[Phone Kamu] -->|Encrypted| B2[DERP Relay Server]\n        B2 -->|Encrypted| B3[VPS]\n        B3 --> B4[Internet]\n        B1 -.->|25 Mbps| B4\n    end\n\n    style Direct fill:#4CAF50,color:#fff\n    style Relay fill:#f44336,color:#fff\n",[79,942,943,948,953,958,963,968,972,976,981,986,991,996,1001,1005,1009,1014],{"__ignoreMap":77},[82,944,945],{"class":84,"line":85},[82,946,947],{},"graph TB\n",[82,949,950],{"class":84,"line":91},[82,951,952],{},"    subgraph Direct [Direct P2P - Full Speed]\n",[82,954,955],{"class":84,"line":97},[82,956,957],{},"        A1[Phone Kamu] -->|WireGuard Encrypted| A2[VPS]\n",[82,959,960],{"class":84,"line":103},[82,961,962],{},"        A2 --> A3[Internet]\n",[82,964,965],{"class":84,"line":109},[82,966,967],{},"        A1 -.->|200 Mbps| A3\n",[82,969,970],{"class":84,"line":115},[82,971,118],{},[82,973,974],{"class":84,"line":121},[82,975,177],{"emptyLinePlaceholder":176},[82,977,978],{"class":84,"line":127},[82,979,980],{},"    subgraph Relay [DERP Relay - Bottlenecked]\n",[82,982,983],{"class":84,"line":133},[82,984,985],{},"        B1[Phone Kamu] -->|Encrypted| B2[DERP Relay Server]\n",[82,987,988],{"class":84,"line":138},[82,989,990],{},"        B2 -->|Encrypted| B3[VPS]\n",[82,992,993],{"class":84,"line":144},[82,994,995],{},"        B3 --> B4[Internet]\n",[82,997,998],{"class":84,"line":150},[82,999,1000],{},"        B1 -.->|25 Mbps| B4\n",[82,1002,1003],{"class":84,"line":156},[82,1004,118],{},[82,1006,1007],{"class":84,"line":162},[82,1008,177],{"emptyLinePlaceholder":176},[82,1010,1011],{"class":84,"line":167},[82,1012,1013],{},"    style Direct fill:#4CAF50,color:#fff\n",[82,1015,1016],{"class":84,"line":173},[82,1017,1018],{},"    style Relay fill:#f44336,color:#fff\n",[14,1020,1021],{},"Dengan direct P2P, kamu dapet full speed VPS — bisa sampai 200 Mbps. Kalau lewat relay? Cekik banget, sekitar 25 Mbps doang. Bedanya kayak tol vs jalan kampung.",[14,1023,1024],{},"Cek koneksi kamu:",[72,1026,1027],{"className":350,"code":604,"language":352,"meta":77,"style":77},[79,1028,1029],{"__ignoreMap":77},[82,1030,1031,1033],{"class":84,"line":85},[82,1032,586],{"class":359},[82,1034,613],{"class":367},[14,1036,1037,1038,1041],{},"Kalau keluar \"relay\" bukan IP address, coba restart Tailscale di device client. ",[18,1039,1040],{},"Catatan:"," pengguna mobile data mungkin stuck di relay karena carrier NAT — coba switch ke WiFi.",[49,1043,1045],{"id":1044},"step-7-konekin-device-kamu","Step 7: Konekin Device Kamu",[738,1047,1049],{"id":1048},"di-phone","di Phone",[1051,1052,1053,1056,1059,1062],"ol",{},[234,1054,1055],{},"Download Tailscale (iOS atau Android)",[234,1057,1058],{},"Login pakai akun yang sama",[234,1060,1061],{},"Tap VPS kamu di list device",[234,1063,1064],{},"Toggle \"Use as exit node\"",[738,1066,1068],{"id":1067},"di-laptop","di Laptop",[1051,1070,1071,1079,1082],{},[234,1072,1073,1074],{},"Install Tailscale dari ",[23,1075,1078],{"href":1076,"rel":1077},"https:\u002F\u002Ftailscale.com\u002Fdownload",[27],"tailscale.com\u002Fdownload",[234,1080,1081],{},"Login",[234,1083,1084],{},"Klik VPS kamu lalu \"Use exit node\"",[738,1086,1088],{"id":1087},"approve-di-admin-console","Approve di Admin Console",[14,1090,1091,1092,1097],{},"Buka ",[23,1093,1096],{"href":1094,"rel":1095},"https:\u002F\u002Flogin.tailscale.com\u002Fadmin\u002Fmachines",[27],"Tailscale Admin Console",", cari VPS kamu, dan approve sebagai exit node. Kalau step ini dilewatin, exit node nggak bakal kepake.",[738,1099,1101],{"id":1100},"verify","Verify",[72,1103,1105],{"className":350,"code":1104,"language":352,"meta":77,"style":77},"curl ifconfig.me\n",[79,1106,1107],{"__ignoreMap":77},[82,1108,1109,1111],{"class":84,"line":85},[82,1110,360],{"class":359},[82,1112,1113],{"class":367}," ifconfig.me\n",[14,1115,1116],{},"Kalau output-nya IP VPS kamu (bukan IP lokal), berarti udah beres. Selamat!",[49,1118,1120],{"id":1119},"security-double-encryption","Security: Double Encryption",[72,1122,1124],{"className":74,"code":1123,"language":76,"meta":77,"style":77},"graph LR\n    A[Traffic Kamu] --> B[Tailscale - WireGuard]\n    B --> C[VPS Exit Node]\n    C --> D[HTTPS - TLS]\n    D --> E[Website Tujuan]\n\n    style B fill:#1976D2,color:#fff\n    style D fill:#1976D2,color:#fff\n",[79,1125,1126,1130,1135,1140,1145,1150,1154,1159],{"__ignoreMap":77},[82,1127,1128],{"class":84,"line":85},[82,1129,88],{},[82,1131,1132],{"class":84,"line":91},[82,1133,1134],{},"    A[Traffic Kamu] --> B[Tailscale - WireGuard]\n",[82,1136,1137],{"class":84,"line":97},[82,1138,1139],{},"    B --> C[VPS Exit Node]\n",[82,1141,1142],{"class":84,"line":103},[82,1143,1144],{},"    C --> D[HTTPS - TLS]\n",[82,1146,1147],{"class":84,"line":109},[82,1148,1149],{},"    D --> E[Website Tujuan]\n",[82,1151,1152],{"class":84,"line":115},[82,1153,177],{"emptyLinePlaceholder":176},[82,1155,1156],{"class":84,"line":121},[82,1157,1158],{},"    style B fill:#1976D2,color:#fff\n",[82,1160,1161],{"class":84,"line":127},[82,1162,1163],{},"    style D fill:#1976D2,color:#fff\n",[14,1165,1166],{},"Traffic kamu di-encrypt dua kali. Pertama oleh WireGuard (protocol Tailscale) antara device kamu dan VPS. Kedua oleh HTTPS\u002FTLS antara VPS dan website tujuan. Walau ada yang nyadap traffic, mereka nggak bakal bisa baca isinya.",[738,1168,1170],{"id":1169},"best-practices-keamanan","Best Practices Keamanan",[231,1172,1173,1179,1185,1191,1197],{},[234,1174,1175,1178],{},[18,1176,1177],{},"Update Tailscale"," — jalankan ulang install script secara berkala",[234,1180,1181,1184],{},[18,1182,1183],{},"Key expiry"," — Tailscale handle otomatis, jadi nggak perlu pusing",[234,1186,1187,1190],{},[18,1188,1189],{},"Batasi akses"," — limit akun mana aja yang bisa pakai exit node kamu",[234,1192,1193,1196],{},[18,1194,1195],{},"VPS dedicated"," — jangan jalankan exit node di server production",[234,1198,1199,1202],{},[18,1200,1201],{},"No logging"," — by default udah privacy-friendly, jaga tetap begitu",[49,1204,1206],{"id":1205},"troubleshooting","Troubleshooting",[14,1208,1209,1212],{},[18,1210,1211],{},"Exit node nggak jalan?"," Cek admin console — VPS perlu di-approve eksplisit. Step ini sering terlewat.",[14,1214,1215,1218],{},[18,1216,1217],{},"Nggak ada internet lewat VPN?"," Cek iptables NAT rules dan IP forwarding. Biasanya salah satu (atau dua-duanya) belum diset.",[14,1220,1221,1224],{},[18,1222,1223],{},"Jalan sebelum reboot, mati setelah reboot?"," Kamu lupa persist iptables rules. Setup iptables-restore service dari Step 5.",[14,1226,1227,1230,1231,1234,1235,736],{},[18,1228,1229],{},"tailscaled nggak mau start?"," Cek log-nya: ",[79,1232,1233],{},"journalctl -u tailscaled -n 50",". Penyebab paling umum: lupa flag ",[79,1236,478],{},[14,1238,1239,1242],{},[18,1240,1241],{},"Speed lambat?"," Kemungkinan kamu lewat relay, bukan direct P2P. Buka UDP 41641 di firewall dan restart Tailscale di client.",[14,1244,1245,1248],{},[18,1246,1247],{},"login.tailscale.com atau api.tailscale.com ke-block (403 Forbidden)?"," Ini masalah serius yang jarang dibahas. Beberapa VPS provider punya IP range yang ke-block sama Tailscale — biasanya provider besar yang IP-nya sering dipake buat spam\u002Fabuse. Contoh: DigitalOcean Singapore, beberapa range Vultr, dll.",[14,1250,1251],{},"Cara cek:",[72,1253,1255],{"className":350,"code":1254,"language":352,"meta":77,"style":77},"curl -sI https:\u002F\u002Flogin.tailscale.com | head -1\ncurl -sI https:\u002F\u002Fapi.tailscale.com | head -1\n",[79,1256,1257,1275],{"__ignoreMap":77},[82,1258,1259,1261,1264,1267,1269,1272],{"class":84,"line":85},[82,1260,360],{"class":359},[82,1262,1263],{"class":363}," -sI",[82,1265,1266],{"class":367}," https:\u002F\u002Flogin.tailscale.com",[82,1268,372],{"class":371},[82,1270,1271],{"class":359}," head",[82,1273,1274],{"class":363}," -1\n",[82,1276,1277,1279,1281,1284,1286,1288],{"class":84,"line":91},[82,1278,360],{"class":359},[82,1280,1263],{"class":363},[82,1282,1283],{"class":367}," https:\u002F\u002Fapi.tailscale.com",[82,1285,372],{"class":371},[82,1287,1271],{"class":359},[82,1289,1274],{"class":363},[14,1291,1292,1293,1296],{},"Kalau keluar ",[79,1294,1295],{},"403 Forbidden",", berarti IP VPS kamu ke-block.",[14,1298,1299],{},[18,1300,1301],{},"Solusi:",[1051,1303,1304,1310,1316,1322],{},[234,1305,1306,1309],{},[18,1307,1308],{},"Ganti lokasi VPS"," — coba region lain di provider yang sama (misal Singapore → Tokyo)",[234,1311,1312,1315],{},[18,1313,1314],{},"Ganti provider"," — kalau semua region ke-block, pindah ke provider lain",[234,1317,1318,1321],{},[18,1319,1320],{},"Pakai WireGuard langsung"," — kalau Tailscale ke-block semua, install WireGuard manual di VPS dan buat config manual. Lebih ribet tapi nggak bergantung ke server Tailscale",[234,1323,1324,1327,1328,1333,1334],{},[18,1325,1326],{},"Tailscale auth keys"," — kalau cuma login yang ke-block tapi API jalan, kamu bisa generate ",[23,1329,1332],{"href":1330,"rel":1331},"https:\u002F\u002Flogin.tailscale.com\u002Fadmin\u002Fsettings\u002Fkeys",[27],"auth key"," dari device lain dan pakai di VPS: ",[79,1335,1336],{},"tailscale up --authkey=tskey-auth-xxxxx",[14,1338,1339],{},"FYI: VPS yang aku pakai (SumoPod) nggak ada masalah ini. Tapi pengalaman user lain bisa beda-beda tergantung IP range-nya.",[49,1341,1343],{"id":1342},"butuh-vps-coba-sumopod","Butuh VPS? Coba SumoPod",[14,1345,1346,1347,1350],{},"Mau setup tapi belum punya VPS? Aku pake ",[23,1348,241],{"href":239,"rel":1349},[27]," — murah, kencang, dan cocok banget buat exit node. Server-nya tersebar di berbagai lokasi, jadi bisa pilih yang paling deket sama kamu buat latency rendah.",[14,1352,1353],{},[23,1354,1357],{"href":1355,"rel":1356},"https:\u002F\u002Fsumopod.com\u002Fregister?ref=856057af-2bb3-40b8-998a-3e70170804ae",[27],[18,1358,1359],{},"Buat akun SumoPod",[14,1361,1362],{},"Spec 1 vCPU + 1GB RAM udah lebih dari cukup buat personal use. Dan harganya ramah di kantong.",[49,1364,1366],{"id":1365},"penutup","Penutup",[14,1368,1369],{},"Setup Tailscale exit node itu cuma butuh sekitar 15 menit. Biayanya cuma VPS kamu (murah). Tailscale sendiri gratis buat personal use sampai 100 device.",[14,1371,1372],{},"Yang kamu dapet:",[231,1374,1375,1378,1381,1384,1387],{},[234,1376,1377],{},"Full bandwidth di koneksi direct P2P",[234,1379,1380],{},"WireGuard encryption (military-grade)",[234,1382,1383],{},"Nggak ada logging, nggak ada middleman",[234,1385,1386],{},"Akses ke konten yang keblokir",[234,1388,1389],{},"Proteksi pas pakai public WiFi",[14,1391,1392],{},"Lebih cepet, lebih murah, dan lebih private dibanding VPN komersial manapun. Plus, kamu yang bikin sendiri. Nggak ada yang bisa match itu.",[1394,1395],"hr",{},[14,1397,1398],{},[1399,1400,1401,1402,1405],"em",{},"Tutorial ini bagian dari project ",[23,1403,28],{"href":25,"rel":1404},[27],". Rasa ini tutorial helpful? Star repo-nya di GitHub ya!",[1407,1408,1409],"style",{},"html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html pre.shiki code .sScJk, html code.shiki .sScJk{--shiki-default:#6F42C1;--shiki-dark:#B392F0}html pre.shiki code .sj4cs, html code.shiki .sj4cs{--shiki-default:#005CC5;--shiki-dark:#79B8FF}html pre.shiki code .sZZnC, html code.shiki .sZZnC{--shiki-default:#032F62;--shiki-dark:#9ECBFF}html pre.shiki code .szBVR, html code.shiki .szBVR{--shiki-default:#D73A49;--shiki-dark:#F97583}",{"title":77,"searchDepth":91,"depth":91,"links":1411},[1412,1413,1414,1415,1416,1417,1418,1419,1420,1423,1426,1432,1435,1436,1437],{"id":51,"depth":91,"text":52},{"id":69,"depth":91,"text":70},{"id":228,"depth":91,"text":229},{"id":257,"depth":91,"text":258},{"id":343,"depth":91,"text":344},{"id":381,"depth":91,"text":382},{"id":510,"depth":91,"text":511},{"id":562,"depth":91,"text":563},{"id":619,"depth":91,"text":620,"children":1421},[1422],{"id":740,"depth":97,"text":741},{"id":853,"depth":91,"text":854,"children":1424},[1425],{"id":936,"depth":97,"text":937},{"id":1044,"depth":91,"text":1045,"children":1427},[1428,1429,1430,1431],{"id":1048,"depth":97,"text":1049},{"id":1067,"depth":97,"text":1068},{"id":1087,"depth":97,"text":1088},{"id":1100,"depth":97,"text":1101},{"id":1119,"depth":91,"text":1120,"children":1433},[1434],{"id":1169,"depth":97,"text":1170},{"id":1205,"depth":91,"text":1206},{"id":1342,"depth":91,"text":1343},{"id":1365,"depth":91,"text":1366},"tech","2026-04-06","Tutorial setup Tailscale sebagai exit node di VPS. Akses Reddit, situs yang diblokir, dan tingkatkan keamanan internet kamu.","md","\u002Fimages\u002Fposts\u002Ftailscale-vpn-exit-node.jpg",{},"\u002Ftech\u002Ftailscale-vpn-exit-node","12",{"title":5,"description":1440},"tech\u002Ftailscale-vpn-exit-node",[1449,586,1450,1451,1452],"vpn","vps","security","sumopod","uW2zWsDue9bOgShlkJpRgGCYcVQiZdd-F-jZ09V9-kw",1775435174287]