Is Tailscale the BEST way to Access a Synology NAS Remotely? (Setup Tutorial)

Подписаться 35 тыс.

Просмотров 20 тыс.

50% 1

If you're using Synology QuickConnect or OpenVPN to access your Synology NAS remotely, check out Tailscale.
🎯 Tutorials, comparisons, reviews: www.wundertech.net
✅ Written Instructions: www.wundertech.net/how-to-set...
✅ Tailscale Document: tailscale.com/kb/1131/synology
🚀 Hire Me: www.wundertech.net/wundertech...
⚡Best Synology NAS Devices: www.wundertech.net/which-syno...
⚡Product Recommendations: link.wundertech.net/rmYt
🔔 Subscribe for more tech-related tutorials and overviews: link.wundertech.net/ssYt
DISCLAIMER: The information in this video has been self-taught through years of technical tinkering. While we do our best to provide accurate, useful information, we make no guarantee that our viewers will achieve the same level of success. WunderTech does not assume liability nor responsibility to any person or entity with respect to damage caused directly or indirectly from its content or associated media. Use at your own risk.
WunderTech is a trade name of WunderTech, LLC.
0:00 Intro
0:29 What is Tailscale?
1:01 Setting Up Tailscale & Testing Connection
3:04 Configuring Local Subnet Access
6:16 Using a Tailscale Exit Node
8:00 Outbound Traffic
10:04 Tailscale better than QuickConnect/OpenVPN & Disclaimers
11:35 Final Thoughts

Наука

Опубликовано:

6 авг 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 115

@WunderTechTutorials 2 месяца назад

One thing I wish I was a little clearer on. When I was speaking on security and performance, I was comparing QuickConnect and Tailscale. If you're using OpenVPN and you're happy with it, it's a great tool and there's no major reason to switch. However, if you want easier management with less potential issues, Tailscale is a great option. After downloading and connecting to the app on whatever device you're using, you'll have access to all of your devices/subnets.

@john_in_phoenix 2 месяца назад

Tailscale is great. I personally have been happy using wireguard on my router, which also allows my sister to use my network television tuner and streaming services. The only way she can get OTA television is to install a 20 foot mast for an antenna, and at 70 years old, that isn't happening. Fortunately it has worked well so far. I always worry how long something will last when it depends on using hardware and internet for free, so I tend to stick to my own resources.

@tonyvalenti6614 2 месяца назад

Been using Tailscale for well over a year now and it just works and implementation is a breeze. For me the goal was to setup a 3-2-1 backup strategy. I have two local NAS’s and one remote. I backup my computers locally, then backup my NAS to NAS locally, the I backup my local NAS to my remote NAS. Computer backups with ABB and NAS backups with Hyper Backup. As an aside, my remote NAS has two storage pools, the one I backup to and the other I let my daughter use for data and computer backups. Then o thought why not backup her storage pool to my NAS returning that favor too. Tailscale handles this two way local NAS to remote NAS backup perfectly. Lastly, being able to remote access any of my NAS’s from anywhere on any mobile device is a great benefit too. I definitely recommend Tailscale. BTW, I was using OpenVPN just to access my NAS remotely, and though it was reliable and secure, like you said, certificates were a pain and managing a free DDNS was a pain too.

@ryanw8664 2 месяца назад

One reason I’ve chosen OpenVPN over Tailscale, I don’t want to be reliant on them if they decide to start charging single users at some point.

@NhatLinhNguyen-ru5lf 2 месяца назад

Does Synology not have a Wireguard client? Much faster than OpenVPN

@ryanw8664 2 месяца назад

@@NhatLinhNguyen-ru5lfNot sure. FWIW, OpenVPN is faster than Tailscale for me, which I didn’t expect considering it’s not based on Wireguard.

@playeronthebeat 2 месяца назад

Then take a look at Netbird :) Netbird is basically Tailscale in open source and fully self hosted.

@Big_Kahuna 2 месяца назад

@@NhatLinhNguyen-ru5lf no their linux kernel is too old for wireguard

@BoraHorzaGobuchul 2 месяца назад

You can self-host tailscale if need be. Then again, I'm running both tailscale and zerotier in parallel on my nas just in case. The only problem is that Android zerotier client is not very reliable iirc

@mikeoreilly4020 2 месяца назад

I was in SE Asia for 5 months, last year and this year. I used Tailscale to access my Synology NAS's and was able to store everything that I accumulated there to one or another of the NAS's and it was there waiting for me when I got home. It wasn't lightning fast, but it worked very well. Thanks for explaining about Exit Nodes, which I didn't use, but will in future.

@QuikTechSolutions 2 месяца назад

Excellent video Frank. Been using Tailscale to backup my local NAS to a remote NAS for a while now. Works perfectly!

@WunderTechTutorials 2 месяца назад

Thanks, Tony! Appreciate you watching!

@sylvainalain6637 2 месяца назад

Yes !!!! So simple and the package is available in the Synology App Store.

@itsThemuRR 2 месяца назад

Simple, clear, concise - as always! Thanks :D

@PersonXes 2 месяца назад

Excellent video. I was wondering whether my openvpn solution was outdated, and now I conclude that no, openvpn is just fine for me 😊

@mendozairis 2 месяца назад

Tailscale DSM client + Headscale mgmt server on a VPS for me. Disabled using Tailscale's DERP relay servers as well. TS' technology is awesome but I like total control and not share my traffic to anyone as much as possible. Been accessing my NAS this way for quite some time. Very handy.

@playeronthebeat 2 месяца назад

Did you look at Netbird then? It's an alternative, I implemented for myself :D

@Gkbmoney 2 месяца назад

I think I discovered Tailscale from this channel and it is amazing. If I did not have it I wouldn't been able to use my NAS when I am away

@BoraHorzaGobuchul 2 месяца назад

You would've, but it wouldn't be as easy to set up

@Gkbmoney 2 месяца назад

@BoraHorzaGobuchul I did not want to open ports on my router. Tailscale is perfect for me. Just login and connect behind the router with a firewall and secure

@lenanaH 2 месяца назад

How did I not know this lol...Thanks Wunder

@johanneshepperle8390 2 месяца назад

A good and helpful video

@MarwaziSiagian 2 месяца назад

Tailscale is awesome! I’ve been using it for couple of months for my synology setup. Only part I’m still struggling is on how to setup certificate when using my own domain name over tailnet. Would be great if you could create a tutorial for that.

@BoraHorzaGobuchul 2 месяца назад

Yeah, that's an interesting topic

@SyrianAtheist 2 месяца назад

Great video, had no idea this service exists. PS. I am on holiday, won't let me set it up using quickconnect, have to do it in person.

@kevinhughes9801 2 месяца назад

Good stuff I use both Tailscale and a dedicated wg vpn

@MagDag_ 2 месяца назад

Thanj you!

@MrMoonsilver 2 месяца назад

Can you make a video to host a headscale server locally?

@dubsmachine555 2 месяца назад

The thing preventing me from using Tailscale is that you need the Tailscale software installed to connect. I cannot do that on my corporate provided device so I am using custom domain with reverse proxys to access my Synology and subs such as Docker containers etc. With Quickconnect disabled, default Admin disabled, ports changed and block lists this is the best way I can currently handle this but would be interested if you have any thoughts or ways to improve this setup.

@marizatiablae 9 часов назад

hi i can't set the advertise route on Windows Power Shell, the message i get is: "ip.address" has non-address bits set; expected "ip.address.here"

@hoaconstrictor 2 месяца назад

Why is your audio vol always lower then other channel like gamer nexus or ltt. I always have to turn my vol up when watching your vid, and turn it back down to watch other vid. That aside... Thank you for all the knowledge, I always learn something watching your videos. Keep up the good work!

@WunderTechTutorials 2 месяца назад

Good question, hah! I am horrible with the audio/video stuff but I'll look into it for the next video and try and adjust it. Thanks for watching and thanks for the kind words!

@hoaconstrictor 2 месяца назад

@@WunderTechTutorials Np, you're doing a good job. Running a YT channel is not a easy job, and A/V stuff can get tricky. The quality of your content is what matter most, and you sir excel at that. Not a big deal, just wanted to make you aware.

@nyahbingi121 Месяц назад

Been using TS, for Drive Syncshare and Hyper Backup. Totally love it! I have a use case where I have two Synology NAS at different locations and both acting as subnet routers. There are four IP Cameras at one location that I’d like to record to the NAS at a remote location. Is this at all possible?

@WunderTechTutorials Месяц назад

You'll have to advertise a subnet where the cameras are so that you can access them through TS.

@nyahbingi121 Месяц назад

@@WunderTechTutorials I have done this and I can access them from a Windows PC on the tailnet. However, Synology surveillance not seeing them to add the cameras to the remote NAS.

@dennisvanmierlo 2 месяца назад

My Unifi router has a WireGuard VPN setup using DDNS. This works very good. What would the benefit be by adding an additional party like Tailscale other than no need for DDNS? I prefer my direct WireGuard VPN over adding an additional VPN broker which also requires an extra trust level.

@WunderTechTutorials 2 месяца назад

I wouldn't use Tailscale if you're using WG. This is more aimed at the people running QuickConnect (and potentially OpenVPN) on the NAS where WG isn't supported.

@Ilya_yarets Месяц назад

I tried to do this, but I have a very slow file upload speed on the NAS

@InsaiyanTech 2 месяца назад

Is it possible to make the entry and exit node of tailscale use a vpn like Nord so it can be encrypted at all times and hidden from my isp even when I remote in to use my arr stack from outside my local network is this possible with tailscale because if I remember it doesn’t hide your data in there tunnel I thought

@WunderTechTutorials 2 месяца назад

Not that I know of, only for personal use.

@nosurname9652 Месяц назад

Despite tailscale is awesome option, still have problems with getting into some containers gui while using it. Some of containers are accessible which means that local access is working, but some are not...

@salto1994 2 месяца назад

i use tailscale to connect to a raspberry pi for a flightradar feeder. works really great and easy to setup. what i kinda dislike is when i'm connected to tailscale i don't have public internet access which kinda sucks.

@WunderTechTutorials 2 месяца назад

Are you using the Synology as an exit node? If not, it should only run as split tunnel and it shouldn't impact internet access.

@salto1994 2 месяца назад

@@WunderTechTutorials thanks for the feedback, I'll look it up

@BrazenNL 2 месяца назад

Tailscale is really easy, but, watch out if you're using things like Plex. You might need to adapt your configuration.

@jjdinanno4147 11 дней назад

What changes did you need to make in Plex to address issues introduced by Tailscale?

@DeanDetton 2 месяца назад

Hey Frank, great video! I have been using a reverse proxy service to access my synology and other third party apps remotely by forwarding port 443 to the reverse proxy service running on my nas. This has been working fine for me. Any reason that Tailscale might be a better choice?

@WunderTechTutorials 2 месяца назад

Thanks! It's a more secure option. With a reverse proxy, you're allowing access from anyone external (if you don't use firewall rules / access lists) and with a VPN, you're connecting to the VPN first, then the NAS so there's an additional layer.

@dubsmachine555 2 месяца назад

This is my setup too, because I sometimes need access from my works pc and I cannot install unauthorised software such as Tailscale. Plus we have a vpn service we need to connect to corp network.

@johann3029 22 дня назад

@@WunderTechTutorials is this the reason, why opening the port is not a problem? (noob question)

@WunderTechTutorials 22 дня назад

@@johann3029 Opening the port in what context? Tailscale shouldn't open any ports.

@johann3029 22 дня назад

Hey @WunderTechTutorials ! Thx for the super fast reply! Actually it does. At 1:12 your refer to it yourself. But I quess the important this is to not open ports on my router for security. Again. Noob asking.. :)

@adamsparks1527 2 месяца назад

When I try to expose a route I get a message saying the IP address 'has non-address bits set...' What does this mean

@WunderTechTutorials 2 месяца назад

I'd guess it's the format of how you wrote the IP, but that's just a guess. Never saw that before.

@SigCervelloCongelato 2 месяца назад

Hi! This video is great and very clear! I followed it step by step and everything works as long as I just want to access my NAS via browser without having to change http address! However, I hoped to be able to use TimeMachine remotely but it seems I can't access SMB remotely (I can with Tailscale IP thought)... Am I missing something?

@WunderTechTutorials 2 месяца назад

Thanks! Did you set up the local subnet?

@SigCervelloCongelato 2 месяца назад

I sure did! Can it be a problem related to 2FA?

@SigCervelloCongelato 2 месяца назад

UPDATE: I revoked the 2FA momentarily and now I can SMB, but still no TimeMachine for some reason...

@WunderTechTutorials 2 месяца назад

I honestly have no idea how 2FA impacted SMB. When you say 2FA, do you mean 2FA on Tailscale or 2FA on the NAS?

@SigCervelloCongelato 2 месяца назад

@@WunderTechTutorials I mean 2FA on the NAS. I was thinking about this because when I SMB on the Mac it doesn't ask me for the OTP but it just gives me a login timeout error. But now I have another issue: since I ran Tailscale I keep receiving warnings from ActiveInsight that there have been multiple logins attempts from China and that the IP that was trying to login has been blocked.

@filhodosapo7794 9 дней назад

I followed your steps carefully, but unfortunately, I got stuck on getting into my NAS even though am signed in to Tailscale website. what to do, I can't access my NAS

@WunderTechTutorials 9 дней назад

What exactly is the issue/scenario?

@johnd2925 2 месяца назад

Can you use it for backing up a laptop while on the road to your home NAS? Using ABB?

@WunderTechTutorials 2 месяца назад

Yes, you have to do the subnet setup but if you connect while remote, it'll be able to access the NAS.

@DavidM2002 2 месяца назад

You may just be able to right click on the ABB icon in the Task Bar and select Edit Connection. Change the IP address to the one that Tailscale assigns. I have not tried this so it will be a bit of an experiment. I don't have much to backup while I'm travelling so I just sync with Syncthing.

@johnd2925 2 месяца назад

@@WunderTechTutorials Thanks Frank, I'll tinker with this and let you know.

@johnd2925 2 месяца назад

@@DavidM2002 Thanks David, I'll try this as well.

@johnd2925 2 месяца назад

@@WunderTechTutorials Got the subnet and exit node set up. Was trying to connect at home via my iPhone, as a different network. I may try going to a coffee shop and jumping on their free wifi to check it out. I don't know why I couldn't connect via the iphone.

@Fryn_Hayn 2 месяца назад

Is it possible to use this on iphone to remotely access cameras through surveillance station?

@DavidM2002 2 месяца назад

I don't know about SS, but I do use Tailscale to view my cameras live on Home Assistant which I run on my QNAP. Home Assistant can be run on your Synology so I'm sure that it can all be pieced together fairly easily as well. No subscription costs is a huge bonus.

@WunderTechTutorials 2 месяца назад

Yes, if they're accessed through a local IP and you configure the subnet.

@praetorxyn 2 месяца назад

I’m just using a forwarded port and a reverse proxy (about to switch to Traefik when the RAM and SSDs for my Minisforum MS-01 get here). Firewall rules would probably be good enough elsewise. The main reason I don’t want to use something like Tailscale is that I have Nextcloud running I. The background to auto upload etc., and I don’t want to be on a VPN all the time. I’ve also heard Tailscale’s ACLs are pretty shit. I may look into Tailscale / Wireguard on the MS-01 though. The research I did said getting a wireguard container set up on the DS918+ would be a pain.

@BoraHorzaGobuchul 2 месяца назад

Not sure if I'm getting you right, but you can still access your nas via local ip if you're on the network, so operation of other apps/packages should not be impacted in any way

@praetorxyn 2 месяца назад

@@BoraHorzaGobuchul I know that, but if I'm outside my house I don't want to have to choose between being connected to a VPN all the time or my background tasks on my phone failing.

@BoraHorzaGobuchul 2 месяца назад

@@praetorxyn connecting to a tailnet is not like a common vpn; your other tailnet devices become available to you, while you can still access other ips without the traffic being redirected through the vpn, unless you're using an exit node

@praetorxyn 2 месяца назад

@@BoraHorzaGobuchul If I can only have certain apps sent through it and it doesn’t affect battery much, that would be reason to consider it.

@BoraHorzaGobuchul 2 месяца назад

@@praetorxyn when I run it on my phone/computer, unless I chose to use another node as an exit node, tailscale client only enables connectivity with remote machines via their tailscale IPs. It does not route all traffic via the exit node by default.

@blcjck8121 2 месяца назад

Does this work out of the box if you're behind a CGNAT?

@WunderTechTutorials 2 месяца назад

Yes!

@BoraHorzaGobuchul 2 месяца назад

Works perfectly for me. I live in Mordor, and common vpn services and protocols like openvpn someone's assist to be blocked/impeded by since providers at least some of the time. It's somewhat better at the moment but there's been days when I couldn't use nordvpn on my cell phone because of that. Having TS running on my relative's NAS abroad allowed me to securely connect without any problems. Speed depends on the channels in between obviously, for me it was good enough to watch RU-vid through it at full hd.

@nyahbingi121 Месяц назад

Worked perfectly fine with Starlink, which uses CGNAT.

@theloniousMac 10 дней назад

I like Perimeter81.

@twd2 2 месяца назад

what about Funnel !!!

@donciak 2 месяца назад

just don't use exit node or subnet route. they just discoverd a cve that let's ppl connect to host behind the connector. who know from how many time it was there,

@PowerUsr1 2 месяца назад

Tailscale in a very limited environment (home lab home office) is great. Its default any/any rule makes it easy. The very moment you want to do ACLs Tailscale is straight up trash. Go ahead and write those JSON rules to limit access….documentation on those ACLs is difficult to follow but not impossible. Honestly, it’s ok for straightforward vpn. Wouldn’t use it in any other environment

@WunderTechTutorials 2 месяца назад

Totally agree with that - their ACL process is a nightmare and something I keep thinking will get better, but it hasn't yet. Like you said, not impossible, but not nearly as user-friendly as you'd hope.

@BoraHorzaGobuchul 2 месяца назад

Zerotier is better in this regard iirc

@badmintonmalaysia7529 2 месяца назад

Why not just use QuickConnect?

@zgboy23 2 месяца назад

you can not do smb over QC.

@BoraHorzaGobuchul 2 месяца назад

It's often slow for one thing

@tarad0nbr4n9 2 месяца назад

Please check out and make a video about Headscale.

@IstvanKovacs 2 месяца назад

and/or compare Headscale with Netbird, which has supported selfhosted option :)

@nowayjose3300 3 дня назад

How to turn off tailscale in a synology nas 7

@WunderTechTutorials 3 дня назад

You can uninstall the package and remove it from the Tailscale web interface.

@nowayjose3300 3 дня назад

@@WunderTechTutorials Thank you.

@gabingabin832 2 месяца назад

The best solution is cloud flare tunnel

@praetorxyn 2 месяца назад

Cloudflare Tunnel only allows certain kinds of traffic / amounts of bandwidth. If you start looking at photo galleries, videos, etc. over that, they won’t take it well.

@BoraHorzaGobuchul 2 месяца назад

Also, in that case data goes through CF. With tailscale, data does not go through their servers, they're for coordination only