Tailscale VPN Setup - WireGuard on a Synology NAS? Kind of...

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this tutorial we're going to take a look at tail scale and why you might want to switch to it if you're currently using quick connect now i'm not going to go too deep into what exactly tail scale is because there's a great blog post that explains it in detail but in essence tailscale is a vpn service that utilizes the wireguard protocol so you can securely access devices using encrypted point-to-point connections while you won't be configuring wireguard itself you'll be able to set up a fully functional vpn with absolutely no port forwarding and securely access all of your devices on your local network this makes telscale a great option for people who can't or don't feel comfortable port forwarding so if you're interested in learning a little bit more about tal scale i suggest that you check out that link in the description but for now we're just going to move on to installing it on your synology nas open the package center and search for tail scale then install it when it's done installing open it and it's going to then ask you to log in after you log in you can go back to your synology dsm and then you can launch the taoscale application at this point you actually will see that you have an ip address assigned to this device that is literally the configuration at this point your synology nas is set up to be accessed remotely so on a different device you can use a mobile device you can use a a laptop whatever it is you just have to be on a separate network than your synology nas download the telescale application and log in as well on that device you're gonna see that you have access to the device that we just set up which is our synology nas at that point you're going to have to connect to the vpn on that device and what you're going to see is if you open up a web browser and you type in the ip address that they assigned to dsm and the port you use for dsm the default one is 5000 and 5001 but you might have changed this so just make sure you're using whatever you're currently using on your local network you should get to the login page of dsm so at this point if you simply say i just want to be able to access dsm securely outside of my local network you're done that's the long and short of it however you can move on to the next step which is going to be connecting to other devices on your local network and i would suggest that you at least hear this out because you'll probably be happy with the functionality if you do decide to go down this route but you don't have to if you're happy with the functionality that we just looked at then you can literally stop at this point and you'll be able to access your nas from outside of your local network securely now this next step is going to allow you to access other devices on your local network through your synology nas so what i mean by that is if you have a pc or you have a raspberry pi or you have just about anything on your local network you're going to be able to securely access it using that local ip address through tail scale now this is slightly more complicated in the sense that you have to ssh into your synology nas but ssh into your synology nas is extremely simple i have a two minute video that i'll leave a pop-up for now so just go through watch that video and get to the point where you've sshed in because you simply have to run one command and the command is going to be sudo tail scale up which is going to bring up our vpn protocol on this synology nas and then this next command is going to be advertise routes now this route here i have listed 192.168. forward slash 24. that is your local ip address subnet so what i mean by that is if you access your nas by the ip address of 192.168.1.50 you know that the local subnet you're using is 192.168.1 if you connect to your nest using 10.5.0.50 you know the local subnet is 10.5.0 so you have to go through and customize this command with whatever local subnet you're using after that there are two additional command line parameters you're going to have to use which is advertise exit node which we're going to take a look at in a minute and reset which is just resetting the tail scale connection if it's currently up now after you run that command you should receive the result success which means that you successfully advertise the route and the taos scale vpn is back up now after you do that you're gonna have to log into the admin portal so you can log into the admin portal before this as well it just allows you to access all the devices that you currently have assigned to your taoscale account but we're actually going to need it here because we're going to have to edit our route settings so in the written instructions i have the link that you have to access but it's just the default tail scale page where you can go and log in there but after you log in you're going to see your devices that you have so i have two machines set up right now and under our dsm machine you're going to see that the subnet we just defined is there now we have to go through and basically confirm this so what you need to do is select the three little dots next to our dsm interface and select edit route settings inside of that you want to enable both options the subnet routes and the exit node we're going to take a look at the exit node in a second but after you enable these options and save if you take out your mobile device again and you connect to your tailscale vpn you should be able to access your nas using the local ip address that you normally do now not only will you be able to access your synology nas using that local ip address you're going to be able to connect to any devices on your local network using their local ip address so at this point you should have full access to your entire local network using tail scale now for simplicity sake everything we did up to this point was utilizing a split tunnel vpn a split tunnel vpn will send only local traffic to your local devices and it will send all of your other traffic directly to it so what that means is if you try and navigate to google.com it's gonna automatically go straight to google.com it's not going to use tailscale at all a full tunnel vpn is different it routes all of your traffic through that vpn tunnel so if you're on a public wi-fi for example it's a good idea to use a full tunnel vpn because you're ensuring all of your traffic is going through that secure vpn tunnel the way that you can enable a full tunnel vpn on tailscale is by utilizing an exit node the way that you can utilize an exit node is on the device that you're connecting with what you'll have to do is in the settings you're going to have to use the exit node option and after you select that you're going to see that you have a few different options you have allow lan access and that's how you're going to be accessing all of your local devices but underneath that you're going to see none and you're going to see your synology dsm if you select dsm what that means it's going to route all of your traffic through that tail scale tunnel which will be a full tunnel vpn so for the two options that you have there none will be a split tunnel vpn and then the dsm option will be a full tunnel vpn so that's how you can switch between the two now that's the long and short of tail scale you literally have configured the entire thing if you weren't watching this video it probably would have taken you a few minutes at most but you're able to securely access all of your devices on your local network using a split tunnel or a full tunnel vpn now i quickly want to discuss tail scale versus quick connect because a lot of people that are using quick connect will probably have just as easy of a time setting up tail scale as they did quick connect the benefit to tail scale and the reason i think i like tail scale a little more than quick connect is that you're able to access all of your services so if you're using quick connect to access synology drive for example you can quickly and easily connect to synology drive using your quick connect id however you can only connect to the synology services so if you set up plex media server you're going to find out really quickly that you're not able to connect to it with telscale as soon as you set it up it's going to be like you're sitting in your house so you're going to be able to access plex you're going to be able to access any docker containers that you have you're going to be able to access all of the main benefits of why you might want to set up a vpn without any of the port forwarding or configuration the one caveat is that if you have multiple people connecting to your nas you're probably going to have to stick with quick connect because unfortunately as of right now the free tier of tail scale only allows for one account but regardless if you're using quick connect it might be a good idea to consider at least setting this up so you can see how it works and then at least one person on your home network would be able to connect to everything so i'm hopeful that this video helped you guys out if it did please give it a thumbs up if you have any questions feel free to leave them in the comments and if you like this type of content please consider subscribing to the channel thanks guys

Info

Channel: WunderTech

Views: 21,362

Rating: undefined out of 5

Keywords: synology tailscale, synology nas tailscale, tailscale synology nas, tailscale synology setup, tailscale vpn synology, synology vpn, tailscale vpn, tailscale wireguard, tailscale tutorial

Id: u2Qp1BM8Qi8

Channel Id: undefined

Length: 9min 1sec (541 seconds)

Published: Thu Apr 21 2022