Tailscale on a Synology NAS - Secure Remote Connection without Port Forwarding or Firewall Rules

  Рет қаралды 43,188

NASCompares

NASCompares

Күн бұрын

Пікірлер: 79
@j_holtslander
@j_holtslander 9 ай бұрын
Every time I go looking for info online regarding using my NAS it's always NASCompares that I end up at as a destination. Haha. Keep up the good work!
@ZajaxFilms
@ZajaxFilms Жыл бұрын
How the hell did you know I was looking to research this today???
@Jonkelly-q7j
@Jonkelly-q7j Жыл бұрын
You mention security at the end - where can I find instructions for adding such security - e.g. you mentioned Lets Encrypt?
@vladiesc
@vladiesc Жыл бұрын
Nice one! Been using it on my Asustor NAS a while. Great piece of software! No port forward means less chance of being hacked.
@antik06
@antik06 Жыл бұрын
Maybe it is a "Great piece of software", but maybe the user should think about the fact that to make it work, you are actually giving access to the NAS to a third party. Additionally, I saw a comment somewhere on the web that "If you look a bit at the advanced details, it beats those firewalls because they kind of "don't care" what the UDP packet content is as long as it looks like it's going to the correct IP, and that seems pretty dangerous to me". Well... I'm back to using the QVPN protocol with a VPN server on a QNAP QHora router 😎
@xellaz
@xellaz Жыл бұрын
@@antik06 Yea. I also don't like giving a 3rd party access to my devices. I run my own VPN server and that's the only way you can connect to my network from the outside. Everything else is denied. 😗
@TeufelHund
@TeufelHund Жыл бұрын
Where is tailscale available for Asustor NAS?
@nemiw4429
@nemiw4429 Жыл бұрын
@@antik06 R u the owner of QNAP and make too little income? U surely don't sound like an owner of anything other, than 1 old Qnap, but who knows. Maybe u'll share ur reason why u exist, Mr. Qnap NPC.
@antik06
@antik06 Жыл бұрын
@@nemiw4429 Did you forget to take your pills?
@haydenlee8332
@haydenlee8332 Жыл бұрын
I only have a QNAP TS-231P3, so there is no native support for Tailscale. However, I was able to set up a Tailscale VPN thanks to an extra help from another KZbin video about how to setup Tailscale via docker containers (for QNAP there's "ContainerStation") I'm loving Tailscale so far!! It's so easy!!
@sandervanbergem6151
@sandervanbergem6151 Жыл бұрын
If I understand it correctly you don't need to create an quickconnect ID. But how would you connect the Synology photo&file apps on your mobile then? Or do you still create that ID and still keep the ports closed?
@ekowlloyd
@ekowlloyd 3 ай бұрын
He didn’t mention but you also need to install Tailscale on your other devices and have the service running in order to connect to the Tailscale ip of your NAS
@6Nekro
@6Nekro 21 күн бұрын
Exactly, you don't need to create a quickconnect ID at all. Just need tailscale client app on both devices and have it activated just like in the video and then use for example DS file app. In the DS file app login screen you will just use the IP of the device (synology) that tailscale created for you (you can find it in your Tailscale admin section under Machines) and your synology login details just like you would log in to it normally. I used DS file app on my phone to test it. I disconnected from my wifi on my phone so I am on my phone data internet and I managed to connect without any issues.
@Tetra84
@Tetra84 Жыл бұрын
great guide! do you know how we can use Tailscale in conjunction with hyperbackup/vault to do secure connections to other Synology NAS's?
@tonyvalenti6614
@tonyvalenti6614 Жыл бұрын
Thanks again for yet another great video. I have been using Tailscale for several months now. Yes it was easy to setup, but I would have mentioned their recommendation to add a single line to your NAS Task Scheduler to ensure connection on reboot. That said, my use case was to connect two Synology’s, one onsite and the other offsite to use Hyper Backup supporting my 321 backup strategy. Worked great for about 7 backups, then disconnected and I was never able to reconnect or login through Hyper Backup to Hyper Vault. 😣 Tried asking everywhere, Synology and Tailscale subReddits, Synology and Tailscale themselves. No one has a solution recommendation. Would be great to see if you could get it working and share another video.
@DavidM2002
@DavidM2002 Жыл бұрын
Do you have the NAS firewall activated ? I set mine up and then later deactivated it but left the rules in place. At some time later, I got sort of locked out of the NAS; I could login to the desktop with a browser but could not move files to and from my Windows desktop with Windows File Explorer. In frustration, I went into the firewall and deleted all of the rules and turned the firewall on and then off. All was well after that. In frustration, we try almost anything; even those things that shouldn't work but this did for me this time.
@rb65
@rb65 Жыл бұрын
Great video. I am trying to figure out how to use Tailscale to allow 2 Synology NASs on 2 different external networks to each other. My goal is to map remote drives between the two so that I can drop a file in a directory on one NAS into a folder on that device and have it copy to the other...but not "sync." In other words, I want that file to automatically copy to a folder on the other NAS and then be able to delete it from the origin NAS and have it remain on the destination.
@DavidM2002
@DavidM2002 Жыл бұрын
I do that but without Tailscale. On each NAS, I have a folder simply called "Transfer". I also have both NAS's running the cloud sync app which bi-directionally syncs that folder to Google Drive ( or OneDrive ). I copy a file on NAS 1 to its Transfer folder. It is then copied to the cloud drive. On NAS 2, its cloud sync detects the folder on Google Drive, and downloads to its local Transfer folder. I know that you said that you don't want to sync files but the sync app is the one this makes this work. If you set it for bi-directional, when you move the file out of the NAS 2's Transfer folder, a bi-directional sync sees the empty folder and then deletes the copy on Google Drive and the same thing happens back on NAS 1. Sounds convoluted but works like a hot damn.
@revlioquick
@revlioquick Жыл бұрын
Could I request some content? The title would be "break your cloud provider reliance". Overall the review/video would provide a guide to using local NAS resources to replace Google/Amazon/Apple/MS cloud services for: 1. Automatic mobile device photograph/video backup #most important I believe 2. Document sharing/editing 3. Sharing of content via common social media, messaging platforms What with costs of these services constantly increasing, and the helpless feeling of being tied, powerless to their control. How easy is it to use Synology/QNap s/w to truly replicate that 'memories happily backed-up' feeling.
@Aleksandar.D
@Aleksandar.D 5 ай бұрын
I have already disconnected my entire family from Google photos and Google Drive for backing up our photos, documents, etc. However, I am still using external hard drives, which are disconnected from the internet, to back up my important data. On my NAS, everything that is exposed to the internet is something that I could live without.
@jeibar
@jeibar 9 ай бұрын
I started using Tailscale last night , and I’ve found that the speed is a bit slow to watch media . I can download documents and photos with not problem but when it comes to videos , it’s soo slow compare when connected to the local network . Is that Normal? Is there anything I could do to improve the speed ? Thanks heaps
@NikolaBulj
@NikolaBulj 2 ай бұрын
What about the firewall? Should we just allow tailscale from the ip-range they give, or also other services we might need to use (photos for example)?
@pbrigham
@pbrigham Жыл бұрын
One of the best ways to connect remotely to a NAS.
@petermarin
@petermarin Жыл бұрын
how can I map the NAS in the file explorer? I can't see it when the devices are discovered.
@BUBearsFan
@BUBearsFan 8 ай бұрын
Good video. How do you add Tailscale to your NAS certificate to secure the connection? : )
@azwb
@azwb 4 ай бұрын
Did you ever find out?
@ekowlloyd
@ekowlloyd 3 ай бұрын
He didn’t mention but you also need to install Tailscale on your other devices and have the service running in order to connect to the Tailscale ip of your NAS
@drpepa09
@drpepa09 11 ай бұрын
Is there a use case for Tailscale if NAS is behind CGNAT? Just went fullfibre with Befibre and now Plex remote access port forwarding is screwed unless i pay for a static ip fix
@vimanaboy
@vimanaboy 7 ай бұрын
Great video- subscribed! What I really need now is to figure out how to make a Tailscale certificate and make reverse proxies for my Docker services (Vaultwarden, Jellyfin, Audiobookshelf, etc)). Or whichever is the best way to access them via Tailscale if that isn't it.
@PaulMarriott-p9v
@PaulMarriott-p9v Жыл бұрын
How does Tailscale compare with Cloudflare Zero Trust Tunnel and/or Twingate??
@IYIySTiiKv1
@IYIySTiiKv1 Жыл бұрын
I just set this up! It works great but I was having trouble with ssl certificates while using the synology photos mobile app
@cesiumion
@cesiumion Жыл бұрын
how would synology photos, video or music etc services work if used with openvpn?
@chrismclean2989
@chrismclean2989 Жыл бұрын
Surprisingly straight forward 👍
@showdown2006
@showdown2006 11 ай бұрын
Will this still allow me to access my smb mount in MacOS finder to reach files I want to access/edit that are stored on the NAS?
@Xsessive182
@Xsessive182 Жыл бұрын
Great i was looking for a guide like this, can this be used for a qnap to Synology file sync?
@DavidM2002
@DavidM2002 Жыл бұрын
That was my first question. What now ? Get WinSCP ( free to use ). It's like Windows File Explorer except that it shows your local machine beside your remote machine. I recall that there is some sort of sync feature built in and no idea how configurable it is as I haven't tried it.
@Alex_Railnolds
@Alex_Railnolds 11 ай бұрын
Hi. Could you help - why my devices cant see each other if they are connected to different networks? Only on the same network they can see each other.
@jasonl7964
@jasonl7964 8 ай бұрын
Thanks for the video. I have Tailscale setup and running, I can access my NAS outside of my network using the Tailscale's IP for my NAS, How do I access it using Let's Encrypt Certificate? The certificate name only work within my local network.
@praetorxyn
@praetorxyn Жыл бұрын
The only ports I have opened up are 80 and 443, and those are forward to the LSIO swag container, which autoredirects http to https (I only have 80 opened up because I can't be arsed to type before my URLs if I don't), and takes care of reverse proxying requests from all my subdomains to the appropriate Docker containers. I am not sure how secure this is compared to say a Cloudflare tunnel, but I have not had any issues thus far. Either way, I think I'd need the reverse proxy setup even with a Cloudflare tunnel, because I have my network configured so that requests to my domain don't go out over the internet from inside my network, so I'd need the reverse proxy to handle the local side and I could set up Cloudflare tunnels to handle the remote side without having to open any ports.
@c0delama
@c0delama Жыл бұрын
I'm using TailScale for a while now, but what i have discovered is that especially on my Android device, many other apps (including the web browser) are not working when i'm connected to the Tailnet. Would be great to find an option to just enable it for certain use cases or apps.
@percipioergowhat
@percipioergowhat Жыл бұрын
that sounds like a dns issue and might be solvable
@aryo7781
@aryo7781 Жыл бұрын
does it need to be the same google account to access the NAS? or can other person using other google account access my NAS as long as they know my NAS' IP?
@Jp421JP
@Jp421JP 8 ай бұрын
Is there a way to limit a device to a single folder on the Nas, rather than full access?
@cunninghamb505
@cunninghamb505 Жыл бұрын
Is the connection slow for you when using as a exit node. Mine is slow
@ernestodiv
@ernestodiv Жыл бұрын
I'm using cloudflare to access my synology, what do you think about cloudflare?
@andresvaldevit3692
@andresvaldevit3692 2 ай бұрын
11:13 So apart from this I should still use Synology vpn? Isn’t Tailscale a vpn already?
@sourabhthorwat
@sourabhthorwat Жыл бұрын
I installed and configured it on my NAS, iPhone nad Laptop. I can access my NAS on iPhone using Tailscale IP or hostname in public network. No issue al all. But I am not able to use it for Synology Photos or any other app. It just gives security warning and donesn't work.
@MarkDart
@MarkDart Жыл бұрын
Thanks for the video I was starting to research solutiosn for my upcoming starlink connection. I have synology NAS which I am currently running open vpn and doing some port forwarding to my Virtual machines hosted on Synology NAS. The virtual machines are server 2003 and also investigating using XP 32 bit due to an old 32bit program I need to run. The issue with this is trying to get Tailscale installed on these machines. Is there a solution that you can think of that I can run on NAS that will give access to all my internal network when connected
@MarkDart
@MarkDart Жыл бұрын
I found the option to have one machine advertise the subnet route which fixed my issue
@barkdongston5814
@barkdongston5814 Жыл бұрын
I was troubleshooting a port forwarding issue with my NAS until 1 AM yesterday lmao
@jacobp7289
@jacobp7289 Жыл бұрын
How is this better than using quickconnect?
@laurentiudll
@laurentiudll 8 ай бұрын
It's 50 times faster
@MrTwixraider
@MrTwixraider Жыл бұрын
great, but if you like to share pictures with non users, I think then this isn't gonna work. So you will have to sacrify something
@unklesalty3732
@unklesalty3732 Жыл бұрын
Could this work for Hyper Backup?
@tonyvalenti6614
@tonyvalenti6614 Жыл бұрын
Worked for a while for me. Then disconnected and never was able to connect to the Vault again. 😞
@Hecheva64
@Hecheva64 Жыл бұрын
From your other videos I had the idea that a NAS could be a substitute for Google Photos and Drive. But yesterday I found a Reddit post with all the security warnings and saying that your NAS shouldn't be exposed to the internet. My idea was to share storage space and photos with family in different countries. And now, I find that this is a big risk not only for the NAS but for all the devices on your network. I feel frustrated and disappointed. If all this is not possible, a NAS is not for me; I prefer Google in that case. Your videos are great but I got the wrong impression from them and I think you should emphasise the problems of exposing the NAS much more. Sorry if I got the wrong ideas and I would love you to correct me and tell me that I am wrong so I can have a bit hope. Thanks for your videos
@dummyload7803
@dummyload7803 Жыл бұрын
if i may. A NAS can be a substitute for Google, however i would only use it via VPN. But i have to admit ... since i dont have a smartphone ... i would not know how to configure that. Using a puplic Cloudservice ... for me ... is a big nono. Another problem is the human being itself and its knowledge of computerstuff. If your family does not want to invest some time into learning a few things about computerstuff then offering space for them is ... in my eyes ... useless.
@jasonluong3862
@jasonluong3862 Жыл бұрын
Within a few years, opening a port and port-forwarding for any outside access to your internal network is synonymous with using fax machines and having your password "password".
@dummyload7803
@dummyload7803 Жыл бұрын
i disagree
@rafraf23534
@rafraf23534 Жыл бұрын
How does this compare with Twingate?
@anwar.shamim
@anwar.shamim 8 ай бұрын
very important
@arielgrassm.dan.rapmfellow4795
@arielgrassm.dan.rapmfellow4795 Жыл бұрын
If you limit the access to the port-forwarded portas to your mobile devices public IP address alone, why would it be risky to open ports this way, blocking all other IP addresses??
@dummyload7803
@dummyload7803 Жыл бұрын
public IPs always change. How would you setup something like this ? I guess when it comes to having restrictions on who is allowed and not most if not all smartphones are checkmate
@jasonluong3862
@jasonluong3862 Жыл бұрын
Does Tailscale run on all Synology NAses or just the higher end models with the x86 CPU?
@NikolaBulj
@NikolaBulj 2 ай бұрын
it runs on 223j, I guess it runs on almost all if not all.
@LaplantFilm
@LaplantFilm Жыл бұрын
Is this possible on a Qnap aswell?
@Teilzeitotaku
@Teilzeitotaku Жыл бұрын
for those who want to use thier synology NAS not just for themselve but to make the world a better place: Snowflake This tool makes your hardware into a TOR-Entry node...which helps other people around the world. Docker container is available...so it can be run on a synology NAS as such.
@djplasma02
@djplasma02 Жыл бұрын
Cloudflare zero trust tunnels, also good for remote access.
@g.o.9513
@g.o.9513 Жыл бұрын
Is this service free?
@PSP_vip
@PSP_vip Жыл бұрын
when i enter the ip , just nothing loading
@rishipareek4522
@rishipareek4522 Жыл бұрын
can we remote ssh with it ?
@q81tech
@q81tech 7 ай бұрын
so better not use ?
@samir1612
@samir1612 Жыл бұрын
I have Tailscale app on my phone running. Somehow my Synology-one-drive and Synology-photo-app does not work when I am outside the network. I can open browser and login to my Synology web interface. Anything I am missing? I tried to put correct addresses in both apps as per tailscale.
@oroville12345
@oroville12345 Жыл бұрын
Bro zerotier is better it works with wol and adding routes is so easy... 🔥
@uenmedia4528
@uenmedia4528 Жыл бұрын
Are you serious really?? What did you talk all those time? None sense really and explanation was really worse on here seen!!!!
@MacGyver0
@MacGyver0 Жыл бұрын
@NasCompares If blog/how-tailscale-works not lies, Tailscale node connections are end-to-end encrypted (a concept called “zero trust networking”).
@dean3184
@dean3184 Жыл бұрын
please interpret your comment for me. I'm kinda dumb when it comes to this
@MacGyver0
@MacGyver0 Жыл бұрын
​@@dean3184 This means that all traffic between devices is already encrypted and cannot be inspected by someone in the middle. Thus, the tail scale provides almost the same security as a local network. I would not put additional certificates on top for each web UI within trusted local network.
@ltngnx
@ltngnx Жыл бұрын
@@MacGyver0 In other words, certificates are not really needed? Ben loking online for days how to install certificates and it seems like there's no videosshowing how-to. Maybe it is because, at the end, is not reallt that needed?
Synology vs QNAP NAS Debate - Which is Better for you?
1:05:59
NASCompares
Рет қаралды 17 М.
Massive Botnet Attacking Synology - how to protect your NAS
24:42
啊?就这么水灵灵的穿上了?
00:18
一航1
Рет қаралды 101 МЛН
Миллионер | 2 - серия
16:04
Million Show
Рет қаралды 1,8 МЛН
А что бы ты сделал? @LimbLossBoss
00:17
История одного вокалиста
Рет қаралды 11 МЛН
is Quick Connect Secure for Synology?
14:28
SpaceRex
Рет қаралды 53 М.
Using Plex on a Personal VPN Like Tailscale
11:27
Lon.TV
Рет қаралды 17 М.
A Guide to NAS - Things People STILL Get Wrong
16:29
NASCompares
Рет қаралды 17 М.
My Synology NAS was ATTACKED!
8:01
WunderTech
Рет қаралды 55 М.
I Built a NAS: One Year Later. EVERYTHING I Learned and the Mistakes
17:37
Jimmy Tries World
Рет қаралды 984 М.
Ultimate Guide to Synology Remote Access: 5 Methods Explored
14:43
Use Tailscale on your Apple TV!
8:35
Tailscale
Рет қаралды 25 М.
啊?就这么水灵灵的穿上了?
00:18
一航1
Рет қаралды 101 МЛН