| The very concept of "your organization" is not meaningful for some users. Even when working for a single client organization, I usually need VPN connections to my own servers at the same time - my own business is the second organization. Typically you start some consulting work for an organization, and they hand you an identity to use for the work. They won't use the one you have already or grant access via an ACL. They give you a new id (yes, a new Gmail address even for an 8 week contract, and you're supposed to check it). So you're consulting for 3 organizations this Q4, and you've been given 3 identities to use for VPN access. To actually be useful to them in your consultancy work, you need to connect to your own servers during the day as well. Being able to use those is key to what makes you valuable. Fast user-switching or even simultaneous login would be handy, and having to agree special arrangements with various IT departments is usually a lot of friction. Slow user-switching is what you end up having to do in practice, and that's a pain. I've had this with other VPNs when doing consulting jobs. Re-logging in via slow dialogs to their VPN 20 times a day, due to switching. I didn't know Tailscale had this restriction until the GP comment, as I have been avoiding Tailscale due to the social-SSO constraint. I was considering, reluctantly, trying it out with my GitHub credential, the one that I think I'm least likely to lose access to. (But consider that all Russian accounts were suspended abruptly this year.) But I do use multiple VPNs to servers under the control of different organizations through the day, so the switching constraint seems relevant too. |