Это видео недоступно.
Сожалеем об этом.
Tailscale is the Easiest Personal VPN Solution - Securely connect to your home devices remotely !
HTML-код
- Опубликовано: 13 авг 2024
- See more like this: lon.tv/howto - Tailscale allows you to securely connect to devices on your home network remotely without having to open up ports on your router. It's super easy to configure too. Subscribe for more! lon.tv/s
VIDEO INDEX:
00:00 - Intro & Context
02:35 - Account Setup
04:09 - Adding the First Device
06:26 - Windows Setup
08:31 - Android Setup
09:31 - iPhone Setup
10:56 - Demo: Vmix SRT over Tailscale
14:34 - Sharing Devices
16:41 - Synology NAS Setup
17:53 - Performance Test
19:19 - Conclusion
Visit my Blog! blog.lon.tv
Subscribe to my email lists!
Weekly Breakdown of Posted Videos: - lon.tv/email
Daily Email From My Blog Posts! lon.tv/digest
See my second channel for supplementary content : lon.tv/extras
Follow me on Amazon too! lon.tv/amazonshop
Join the Facebook group to connect with me and other viewers!
lon.tv/facebookgroup
Visit the Lon.TV store to purchase some of my previously reviewed items! lon.tv/store
Read more about my transparency and disclaimers: lon.tv/disclosures
Want to chat with other fans of the channel? Visit our Facebook Group! lon.tv/facebookgroup, our Discord: lon.tv/discord and our Telegram channel at lon.tv/telegram !
Want to help the channel? Start a Member subscription or give a one time tip!
lon.tv/support
or contribute via Venmo!
lon@lon.tv
Follow me on Facebook!
/ lonreviewstech
Follow me on Twitter!
/ lonseidman
Catch my longer interviews and wrap-ups in audio form on my podcast!
lon.tv/itunes
lon.tv/stitcher
or the feed at lon.tv/podcast/feed.xml
We are a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for us to earn fees by linking to Amazon.com and affiliated sites.
Just a quick update on the performance portion of the video : In subsequent testing performance is pretty much a non-issue now. I set up a link to a Synology NAS at my mother's place which is running on 500 megabit symmetrical fiber and I'm now pushing the full speed back and forth. See the update: ruclips.net/video/D8lJcf0V_-4/видео.html
One of the great things about Tailscale is it gets around CGNAT. So if anyone (like me) has their network connections over CGNAT and you've wanted to be able to connect back, this is your solution. Also, it works on the NVidia Shield! So, when we are away in our RV, we can connect back to watch Plex over my CGNAT connections!
One of my clients uses a Western Digital NAS and they were recently hit with an outage for 2 weeks or so. Many WD customers were locked out of their data because they depended only on cloud storage. Don't Do That People. Luckily we had local access to the company data and prevented any data loss. WD is in the storage business. You would think they are secure. Nothing is secure. Always take extra precautions like this. Thank LON.
so the NAS was on a different network than the users? Shouldn’t they be using Microsoft 365 or Google Workspace?
@@mactastic144 the way how WD nases work, u login/authenticate trough their online service. After attack they have disabled this feature, so many people couldn't access their nases
Excellent explanation, as usual, Lon. Tailscale does indeed seem very versatile, but by the same token, simple and straightforward to set up. I would like to see more detail though on what can be done with Tailscale.
Wow! What a great teacher, so articulate and fundamentally precise.
I have been looking at Tailscale as a solution for home lab access when away from the house. Thanks for covering this and I always appreciate your videos.
The speedtest via iperf showed that you were relayed and that the devices did not establish a direct connection. Tailscale, zerotier, and similar type of overlay networks are designed to consistently try to establish a direct connection between devices when possible. If a direct connection can be made, you will pretty much go at full speed possible for the link (unless tailscale runs in userspace, like it does in windows, but that should still yield 200-300 megabits). This can happen if your firewall or the one at the other end is using a type of NAT that randomizes the source port. Relayed connections going through a DERP server (as they are called in Tailscale) will have limited bandwidth. You can set up your own DERP server if you want faster speeds. Usually, direct connections are more common than them being relayed. I recall zerotier giving some stats that 95% of all devices were able to establish a direct connection. I don't know if tailscale ever commented on that.
Great video Lon! I’ve been using Tailscale for about a year now. One thing I have done is have my local Synology NAS run scheduled backups to another offsite Synology NAS using Hyper Backup over Tailscale. Of course the initial backup was done when they were both local. I’d like to see how you can access your PC’s data files from a Laptop or Mobile Phone when on the road. 👍🏻👍🏻
This video dropped at the right time for me. I recently switched to T-Mobile 5G Home Internet and found I couldn't stream from my Plex server on my NAS. This sounds like exactly what I need. I'll be testing it tomorrow during my lunch break.
I'd like to see another video on the more advanced features of Tailscale. I'd love to use it to access my PS5 for remote play without having to flash my router with custom firmware to run Tailscale.
It works, been doing it for a while now.
If you have a device set up at your house that is running tailscale that you leave on all the time. (I use a raspberry pi). You can set it up as a exit node. It will let you use tailscale just like a regular VPN service and can also set it to allow local network access to your other devices on your network.
Really excellent explanations, demonstrations, and with applications Lon. One concern you didn't address is that once setup, the end user is completely reliant on the integrity of the Tailscale security posture and their implementation as opposed to truly hosting one's own VPN with hardware and custom configuration.
My target audience for this are people who are currently poking holes in their router (or gasp uPNP) so for those folks this is definitely an improvement. But I think setting up your own server is always the best way to have full control.
This is why I will not use Tailscale. It defeats the purpose of VPN.
There are multiple things that address this. The tailnet lock feature allows you to verify that no node is added to your network without being signed by already trusted nodes, this means you don't have to trust the tailscale infrastructure because even if it was malicious your devices wouldn't trust any node it tried to add or replace. There is also a way to self-host the coordination server called headscale if you really don't want to use any of their infrastructure. Additionally the client code is open source so that can be validated.
+ it’s backed behind a single sign on like your google account.
Is there a video for a self hosted solution you could share?
Any idea if it's any way/solution that Tailscale can be used/ran from a browser?
man what are the odds. Just saw this package in synology and came here to learn more!
Love the video. Would love a video on more that can be done with tailscale.
TAILSCALE uses WireGuard for its VPN but Tailscale works reliably behind other firewalls in my experience e.g. using Wi-Fi when staying in a hotel where vanilla WireGuard does not.
Not a fan of "Cloud" control. I have a Pi that I set up as a VPN server on a VLAN, also now have WireGuard on the UDM-Pro so they both keep me off the cloud. I only have one service remaining on the cloud (can't dump it) and that is the way I like it.
Another great video Lon. Tailscale was a godsend because I can get into my own LAN without having to open ports on my router. One detail I have run into though: Because Tailscale works as a VPN, if you routinely use a VPN when outside of your own LAN, at least on the desktop and mobile OSs I use, you cannot run both your regular VPN and Tailscale. You must drop out of your regular VPN to be able to start up Tailscale.
If you have a device set up at your house that is running tailscale that you leave on all the time. (I use a raspberry pi). You can set it up as a exit node. It will let you use tailscale just like a regular VPN service and can also set it to allow local network access to your other devices on your network.
You just got this video linked to by the Tailscale email newsletter.
So with Tailscale, I can add computers then RDP into them from any network? (as long as both are connected to my account)
How does Tailscale compare in features/security to Unifi "Wi-Fi Man" or their new "Wireguard" which has now been added. I am looking for the best solution to log in remotely to my security cameras, and to access files on my Synology NAS. Very nice presenation.
I think if you have the aptitude (it sounds like you do) using the wireguard option on UniFi is the best way to go. There’s no cloud intermediary, and a single connection gets you into your network.
Great video Lon. Let’s see more of it please. Thanks.
This is great. My NAS software is phasing out its VPN/remote access services so I needed a new solution. I think this will work out great.
Since one of the missing features of the gen4 Tablo DVR is the remote access for viewing recorded or live video, would Tailscale allow a remote user to overcome this deficiency until Tablo revises their system?
So could you use Tailscale to watch Netflix or Amazon Prime movies when out of the country, or would this require you to leave your TV on in order to do this? Or is this type of use more suited for a network VPN?
So you could use the "exit node" feature to do that. No need to have the TV on the computer will appear as though it's coming from your home network as it will be routing Internet traffic through the tunnel.
Really need a self hostable product like this that is as turnkey. Yes, there are a number of solutions available but all of them are a pita to setup.
Great video, been using Tailscale for a while, works great. 73.
Thanks for a great video.
Can Tailscale be intalled on a ASUS GT-AXE11000 router? I'd like to connect to the entire LAN network - not only clients.
The router is pre-set for WireGuard, if that changes anything.
Thank you for the video Lon. You've now given me ideas/procedures for multiple projects ie. livestreams, recording, cloud gaming... huge help, thanks so much, have a great new year.
Great video thanks for sharing, if you can please do more tailscale videos, very impressive sort of vpn app
Very helpful Video thank you for sharing Lon 👍
Thanks for this, I'd love to see a more in depth dive into it. Maybe talk about the privacy concerns mentioned elsewhere in the comments too.
Please review Headscale is fork open source
More tailscale please.
Home Assistant had a recent CVE although I don't think it was exploited in the wild.
Hi Lon, that was a great video. Could you please also cover NordVPN's Meshnet service? I believe it's similar to Tailscale but maybe uses different protocols?! Not sure. Thanks
Thanks, very informative Video. I want to ask a few things. I am a new to HomeLab. Currently running a TrueNas Scale Os on my server. I want to get remote access for few things like Nextcloud, sync photoback up, Plex/Jellyfin, along with commercial VPN running at that server for qBittorrent and 'arrr' applications.
Is there any way, that i can get remote Access with tailscale Tunneling or is there better way?
As for Info, i am looking for a simple approch, as i am not an IT Guy.
Thank you. Appreciate your Help.
Good job. Well done.
this was very thorough! thanks for the video
Tailscale has completely solved my home lab networking needs. It deserves more attention. Now I can travel with an ultralight notebook and connect, via Microsoft Remote Desktop Services, to my machine learning servers. Remote desktop latency is so low I don't notice any lag. Tailscale has proven easy to use and reliable. Install and forget. Other solutions such as AnyDesk and Teamviewer were unreliable, too heavy, and otherwise problematic.
Do you think your Remote Desktop would run a VM on a home NAS remotely ?
Channels DVR has support for this now too. I wanna try it vs keeping my port open
Is there a way I can get this work with NordVPN I’m using NordVPN to keep my IP safe and I want to use tailscale to get remote access to my jellyfin server to watch outside my network
I want to see how can you use this as a VPN step by step.
Found your video extremely helpful. Is there anyway to access shared folders from your pc over tailscale through the internet. Thanks
Yes just point the client at the PC's tailscale IP - in Windows \\000.000.000.000 with the zeroes being the tailscale ip in the explorer address.
Hey Lon! Great video. Could you use this to do a hyper backup between 2 Synology units that are remote from each other?
Yes that is a great use case ! Synology also has their own vpn server you can run on each of you wanted a diy
@@LonSeidman it'd be cool to schedule that too like 5 minutes before backups are scheduled to kick off. Is that possible?
@@kellymatthew That's a good question .. I bet you could probably issue a cron command to trigger it but I haven't experimented with that myself. This person has an example of it here: mickderksen.wordpress.com/2016/06/08/how-to-schedule-a-vpn-connection-on-synology/
Yes! I have done this successfully! 😎👍🏻
How would you say Tailscale compares to Synology’s Quick Connect with regards to security ?
While it has a relay available for the most part Quickconnect relies on UPNP or having open ports. So I'd prefer Tailscale's approach which keeps it behind the firewall and invisible to network scans.
how does this compare to Synology's OpenVPN?
Does Tailscale run on AndroidTV devices like the ONN boxes from Walmart?
It does!
@@LonSeidmanThis seems like a better value proposition as long as it offers similar performance and features (active during sleep mode, throughput, etc.)
Anyone know how to map a network drive using tailscale for Windows?
Maybe I missed it, but can it be used as a traditional VPN where I simply want to go out on the internet and my ISP internet IP address is hidden?
No it’s private only unless you set up an exit node on a cloud server.
I'll stick to a self hosted vpn. Seems a lot of faith and trust in 1 provider.
Does Tailscale change your ip address, like a traditional VPN?
I think your tailscale IP is locked for that device but if you did an OS reinstall or something it'll likely cycle it.
I don't know, wireguard seems better and certainly easy enough, especially with the docker image.
Do you think an average consumer is going to do that ?
@@LonSeidman I would agree that an average consumer no, but anyone watching this channel would have no issues. I am not sure if you ever reviewed Firewalla, but I switched to this from using a home Untangle license and found Firewalla to be a lot easier. Comes with WireGuard server built in too. Without learning more about Tailscale, which I’m going to check out, I am still concerned a 3rd party is involved and could be a point of compromise.
Tailscale uses wireguard itself and also provides many features that plain wireguard doesn't.
I couldn’t find tutorials to setup Wireguard on a Mac. I don’t want to use a Docker image.
Wish I could get it working.....
What is good laptop for gaming and not expensive
Will this work with Plex without opening Plex to remote connection?
Yes.
They lost me on two points. Any service that forces a connection with a provider rather than email is bad. That means two companies are allegedly spying. Tailscale says they will put cookies on the browser for advertising. That means we are being tracked. Likely explains why the free service is generous. They are making money on the free accounts. They say just turn off do not track on the browser. That is a request to the website. They are not required to honor it. I would never use this service.
A permanent VPN connection is important. Just about all iot devices cannot install vpn. The reason for putting iot on a separate network. The VPN really belongs on the router or an external firewall. With a kill switch if it goes down not to reveal the IP address.
Not for me. I do not want to go through and rely on any third party, especially handing out my identity information.
I have been using the VPN supplied with my low-end Synology NAS. It was reasonably easy to set-up and has been reliable. The primary issue has been a result of Comcast's limited upload speed. I tried setting up a VPN on the PI (Lon's video) but for me the performance was poor. I did not spend time fussing with it since the Synology was working well and just dropped the Pi.
That dude lost his data not only because his nas had a vulnerability, but also because he didn't have a backup.
Can't get anything to work with this thing .. Don't know what's all the hype about.
Twingate-Zero Trust better than Tailscale
Soooooo ... what happens when Tailscale abandons the 'free tier' and starts to charge for it. "Evernote" anyone .... LOL
The free service is likely already being charged by allowing them to get data to advertise and possibly sell.
As they say, when it is free we are the product. Unfortunately we are still the product in most cases even when we pay for a product.
They have a good explanation on that point here: tailscale.com/blog/free-plan/
@@LonSeidman excellent explanation and they sound good. I just can't get pass the privacy statement regarding adding cookies for advertising purposes. As well as forcing people to use social media logins to join. This suggests we really don't know what they are doing with our activity. They may not be able to view our pc data but this suggests they maybe viewing our actions. Telemetry and metadata is just as important and often more important than data.
So Tailscale is not like a traditional SSL VPN solution then, because let's say if a company has 1000 servers, does that mean I have to install Tailscale on all of them 1000 times??(this is gonna be a little crazy) where on traditional SSL VPN solution, once a client connects with a VPN client on their computer, then they can access whatever those 1000 servers they want. (I know the SSL configuration on either router/firewall is a little complex, but once IT administrator done this, it's gonna be worry free, of course all end users don't really care, they just use it)
Love the video. Would love a video on more that can be done with tailscale.