If you aren't managing your keys, someone else is. - Steve Gibson

I am not an IT professional and I am not a beginner. You managed to use just the right level to be perfect for me. I just loaded Tailscale on 5 of my devices and working up the nerve to add it to my Terramaster NAS (scary 😮) if I mess up my 11 TB data store. I just heard about Tailscale two weeks ago. I do home automation with several small Linux machines (Raspberry PIs and Inovato, Quadra). It appears Tailscale will fix a lot of holes in my system. THANK YOU

Great video! This was definitely much easier and smoother than other previous attempts. Seems like Tailscale just works. Thanks for sharing this, Christian.

Hi Christian, another great video! Please continue with more detailed related stuff like MagicDNS etc. - thanks.

Unfortunately it's hard to hear you with the ridiculous music playing. Aside from that, how is this easier than setting up PiVPN? Install PiVPN, connect to PiVPN, access everything on your network. No need to manually setup individual devices/nodes as you seem to have to do with Tailscale. By comparison Tailscale seems incredibly laborious.

Great video Christian. From a security perspective it sounds like a hackers dream....compromise one node and have secure access to all the other nodes. I can see the use case for it for homelabs and remote access where you know each node is safe but from a business perspective I don't think it's a good idea. At least with the traditional VPN gateway you can implement 2FA and make sure it is enforced. Keep up the the good work.

I used to use Hamachi, Teamviewer, Zerotier One, and Twingate to connect between my home PC and office PC. None of that can beat Tailscale. Its just works. And very low ping. Which is important because I connect mainly using VNC (windows to windows). Tailscale really solve my connection issue.

Every now and then Wireguard gives me some headaches. After this tutorial I fell in love with Tailscale. Thank you very much Christian, you are great!

Seriously, dude. I was watching so many videos lately about remote access/vpn to connect to my RPi Jellyin from outside of my network and NOTHING worked. YOURS though was easy as f**k ^___^ Cheers man. Looking forward to access my library now on holidays ;)

How do you know who, or what community, is behind Tail scale that makes it "safe?"

This just sounds like security disaster with extra steps. There is no way anybody is connecting to any of my local machines without punching through NAT first. This video fails to explain how this “magic” is done, and the way it works is Tailscale runs relay nodes that help establish direct connections through P2P and in case where direct is not possible, your data flows through a remote node. The machines behind NAT that you are connecting to reverse the flow of traffic by basically asking the remote server what to send over, which is the “magic” we see. This is all encrypted, but it’s basically trust me bro guarantee since neither tailscale client or server parts are fully open source. So 1) you’re supposed to run third party app on all of your infra that has access everywhere and isn’t even open source and 2) it all communicates using key pairs you can’t manage and the parts of code that make them and use them are not 100% open source either.

Looks cool, but you do give up a lot on your security and have to trust them not to mess up and not to collaborate with any government, or is it open source and you could also run your own private master server? (obviously this doesn't guarantee much, but still....)

Great job, as always. Thanks Christian.

Thank you Christian, just trying out now to see it, had some problems with Wireguard so I'll try this for now ;)

Frigging nightmare setting up tailscale on MacOS TBQFH. NoMachine is much easier.

Just sign in to "Google" or "Microsoft" and it's all automatic. Ummm that's gonna be a big NO for me...

Is tailscale self hosted or does it need (internet) to dial home to the company to work?

One thing is causing me trouble. When I installed and started tailscale on my server. My server is able to connect to internet. When I installed on my laptop and mobile. When I am connected to tailscale, I loose internet. How to fix this ? I want to be able to use tailscale to create usable domain names for my servers to share with others. I know tailscale is for private communication. But this seemed possible as well. I read about exit nodes tried to configure that as well. But it didnt' work

Hi, does anybody know how to install SSL certs on nextcloud with Tailscale? I have enabled SSLon Admin panel and I have generated crt and key file by tailscale, What should be further steps? I have nextcloud hosted on LXC Container on Proxmox, installed by snap.

When I try mounting my Synology shares to my desktop “connect to server” on my Mac, it asks for a password. Every password I’ve tried associated with my NAS doesn’t work. Which password do I need?

giving all your vpn keys to a third party is the worst thing you can do in a self-hosting environment

From the security perspective, I don't think that its a doable solution for corporate networks. What we should focus on is a data protection rather than bring ease in life. Though, it is good for people who aren't concerned about the security and use it for home-network to home-network connectivity. By enabling the mesh network between the servers and the clients as every node that is added on Tailscale account can access each other which again leaves me a big question mark on what if 1 client machine got compromised. Whoaa!!! A disaster will occur as accessing all other nodes which could be either be a server or another work station can be accessed by the Hacker. By having the VPN server, we manage the keys and exchange algorithms at our own end instead of leaving it on some third party network. Anyways I like the way you described it but it is always better to notify the vulnerabilities associated with the solution.

Would love a video on the built-in DNS functionally. Also could I buy a vps on DO and have it ONLY be accessible via tailscale, and what about Docker containers, can i have Those only on tailscale?

Very cool. This was my introduction to Tailscale and I’m impressed. I’m going to give it a try. However one of the Mail reasons I’ve gotten into home lab stuff is reducing the dependency on others. Based on subscription details looks like your still dependent on tailscale the company. Is there any way to fully self host the solution?

Is it possible to set up a site-to-site VPN between two routers that have Tailscale already pre-installed?

My apple phone already uses a VPN for nextdns, so I assume I couldn't use tailscale at the same time?

OMG!! I love this!!! Great video.

Do you really think this is a good idea from security point of view. You have to install on every client a “trojan” that connects you to a “service” in the US. Of course, it is easy to setup, no question, but as an it professional, like you always claim - who controls this network? This service has two sides of the same coin. You just mentioned the easy usage, but have forgotten the security aspect. What’s wrong with the “IT world”? Don’t you think about security anymore? I’m just waiting for the news… “Tailgate VPN hacked because of …”

What about SIP Phones, like Yealink? Got a local Telephone System on one Location, and Phones on 3 other Locations. Actuall we Use Sophos Firewalls that are connected together.

Where is the catch? Seriously, if it sounds too good to be true, it usually is. What are the downsides, for example compared to setting a wireguard vpn yourself manually?

Thanks for this video. I struggled with zerotier to setup my server as standard route for DNS and as VPN. And in tailscale it just needs a toggle of the button exit node 😯 Seems easier and better documented. Going to try it and finish my setup.

Can i ask you im from algeria im using wireguard to bypass restriction and free internet but there much bugs in morning is there solution for that ?

Hi Christian, Another great video. 2 quick questions. 1) Which are the differences between Tailscale and ZeroTier? 2) With Tailscle am I able to get on all machine the same public IP (as would be with a "normal" VPN)? Thanks

I'd love to see the follow up video about Magic DNS. If you happen to have a qnap NAS I'd love to see a user friendly Video on how to get tailscale up and running. Cheers and keep up the great work.

what if you want to give access to someone else? does he have to login into tailscale with your credentials? for example google username and password

I am a hobbyist. You did a great job with the video; however, I am on Truenas Scale, and there is no drop-down menu for it. I attached my machine, downloaded the app, and set it up with the AUTH code. I am lost from here. Can you help?

Hi, thank you for your videos. I am just curious to know how does it compare to Zerotier, in term of privacy and security?

Question, what if someone gets access to your account (e.g. GitHub auth service)? Or hacks the Tailscale service?

Im using the tailscale windows 11 but windows 7 its not installing there any solution

Thanks, I didn't know about this cool service. More videos like this please.

Love your content man.

I did not understand about 13:45, I have a wg server on my vps, the issue is I need that since i have portainer etc but my dorm wifi blocks the wg server port thus I should not-blocked ports and have a lot of different .conf files for every peer.. with tailscale as I understood, he understands that fw or nat is blocking it and ? would just find another port or switch over to tcp? Did i miss something? Thank you very much

whats the difference between zerotier and tailscale both seem to be similar to me

that's actually more setup, if you need to install it on every server/device

The one thing that drives me nuts and Im not sure there is a workaround is if other devices are on the same LAN, your device will over travel over Tailscale instead of your Local LAN. I noticed this when using a node as a subnet router. I would guess thats the computer making the decision but there doesnt seem to be a workaround...well from what noticed.

I'm still concerned about data security and data compromise resulting from relying on some company. Large company may have resources to build a infrastructure themselves and for small firm, it is still possible to configure the machines keys and exchanging them, because not all node need to connect to every other nodes anyhow.

TailScale is good but do you have any idea about any similar open source projects coming up that can be running in the private server..

Thank you for this video and the tip on an easy VPN solution!

thanks I learned something new

How secure is this, because your data is still being sent through Tailscale's network right?

please explain how to set up subnets and exit nodes in the tail scale

This is really cool. I could RDP directly two Windows PCs behind a NAT. This kicks TeamViewer or anyDesk ass out :D I wish we had a selfhost option.

Thanks for the explanation, but I'm still confused as to the purpose of tailscale. I understand it's a VPN so communication between two machines is secure, but what's the connection able to do? Can I use it on machine 1 to view a remote desktop of a second machine? or am I limited to just seeing the terminal of the second machine on the first. Would this be able to send files pictures from my phone to my pc without having to deal with a wired connection? Any insight would help a lot!

It sounds like Tailscale is very similar to NordVPN's Meshnet using WireGuard.

Hi, is Plex server can be run on Tailscale?

i Set up TailScale because my ipv6 and ipv4 change from Orange Fai in France. Difficult to have your own firewall in France at home. So Tailscale is not bad for this kind of solution coupled with Adguard-Home with some configurations to tls-dns, I use it to use as a vpn with an outgoing at home when I am remote or need access to a file on my local nas. It can also be useful for doing a lan to lan for online video games. After security question it is a problem to solve between the chair and the keyboard.

When the free plan mentions one user, what exactly does that mean? For instance I care to have our employees connectr outsite the corp environment to the dc serv who has a very special crm program running from a folder (no client installation or anything) i am trying to figure out what exactly do I need to make this work. By saying work I mean 20-25 people outside office to be able to connect to the crm program after initiating a connection via tailscale. Do I need a price plan with as many users connecting (from their different machines) or jsut one user to set all that up?

Has the "L" always been missing from the "Digital Life" sign?

Thank you for your video. How would you best transfer files from one computer (node) to another if you were using a Mac to Mac or windows to windows? Also how could you do a “VNC” connection to control another computer through Tailscale? Would you please do a video on that?

Hello, with this video do you hide your ip adress using a vpn or you create a vpn at your ip adress?

Do you have any video on how to use it as a Internet gateway (Exit node) to use it as a VPN for all traffic? thanks

could i setup my own Tailscale server instead of using their server

Hello can you help me set this up ? We can use team viewer and I pay with Bitcoin

OMG thanks it really work good and install proces was easier than changeing light bulb

Hi Christian, thanks for making a video about tailscale :-) Tailscale is one of the best and intuitive tools, I have seen since years! It never was so easy to use VPN and not only between two devices, but between many devices - with static ip-addresses for every device :-) Normaly, every device can connect to each other device that is connected with the same authentication-account, but you can limit access (for devices and protocols) with access rules very easyly on the tailscale-dashboard, too - that's fantastic! With a smartphone it is easy to be "always on", so secure connections to all my machines from everywhere. For my opinion tailscale is a real revolution! Thanks a lot for your video and please more such holy shit stuff :-)

Thanks man very interesting

Your English is Good i didnt know you were German until you mentioned it. Thought you were from Minnesota lol

Hi there, which terminal application are you using? Looks way cooler than my putty

I am getting 10-400ms ping over my local network? any tips how to fix this on MacOS?

"It just magically works" No, it works by having two separate tunnels using their servers as a relay. Privacy and security nightmare. If you need to connect to your own networks then you need to use your own VPN. Why on earth would you give some third-party encrypted access to your network devices??? Literally paying for MITM snooping.

Thanks for the video Chris. What' s the difference with zerotier?

I'd like to know if this is better than using CloudFlare tunnels...hmm...

Does the user running the service needs to be admin? Because that was the case with wireguard

is there a self hosted alteranative to cloudflare ?

Please go into the DNS in another video, interested to discover more about how it works

Awesome video! Please tell us more about the Magic DNS and how to set it up.

Hi! Great video! What SSH Client do you use? Need one that can save logins, open mutiple tabs, and FREE :)

Hey, awesome vid, mate! Can you help me with something? I'm using a TrueNAS Server that's located on my home network and I want to acess it remotely, I tried to use OPEN VPN but for some reason it isnt working as I wanted... So, do you think Tailscale can help me?

For everyone who doesn't like the idea of this being managed by a 3rd party, they now have a self hosted option called headscale.

What terminal emulator are you using there in Windows please?

Hi there ! If I install Tailscale on a Romanian Ubuntu Server, it’s mean that all my connnected devices will have Romanian IP ?

Very easy install, having trouble on how to send magic packet via tailscale, where my powered-off pc still doesn't get the packet.

Can you please make a video on setting up Headscale

Sorry man but any vpn service (and not per-per) is actually 'man in the middle' and is literally not secure - it is as secure as tailscale metadata storage. But yea - it is simple.

Great tutorial! Can you explain how to VNC to a VPS that is connected to Wireguard ?

hi Christian can u make video how to connect tailscale wsl2 work.

MOAR!

Sounds good, but you become dependent on the fact that Tailscale services stay up.

What program do you use for ssh?

Oh the video on mdns would be great

Where is magic dns video

Just awesome

thnsk sir amazing easyl to understand

Thnx Fritz

Thanks so much for your videos ! Could you post a Netmaker tutorial, possibly with NPM? Thanks Keep up the good work

Is it possible to tunnel internet through one of the peers?

Talking of simplicity how about pivpn ?

Cool video! What prompt do you use?

What a crock of... waste of time. Install Wireguard with the config on each remote device that needs access, configure the router, and bingo. Job done. Create any necessary rules to block the remote device from anything it doesn't need on the LAN, and job done again. Easy peasy.

Is there any self-hosted alternative to tailscale?