Tailscale is not a good option for this (hiding your geo-location from work). As the article states,
'Additionally, in the case of a DERP-relayed connection, if one were to run a “traceroute” on your connection, they would see the public DERP relay server IP address, since it is routing your traffic in the middle. This IP obviously belongs to a commercial/enterprise IP block, but it’s only visible by running a traceroute which is able to see every “hop” your traffic makes. Whether or not your employer’s telemetry would pick up on this is what would determine whether this method would still work for you or not.'
Tailscale is not built for anonymity and contains strange surprises.
'Additionally, in the case of a DERP-relayed connection, if one were to run a “traceroute” on your connection, they would see the public DERP relay server IP address, since it is routing your traffic in the middle. This IP obviously belongs to a commercial/enterprise IP block, but it’s only visible by running a traceroute which is able to see every “hop” your traffic makes. Whether or not your employer’s telemetry would pick up on this is what would determine whether this method would still work for you or not.'
Tailscale is not built for anonymity and contains strange surprises.