This tutorial looks at how to set up Tailscale on a Synology NAS. Tailscale is a configure-less VPN which means that absolutely NO port forwarding is required. This is a great option if you’re behind a CGNAT or if you don’t feel comfortable port forwarding.
✅ Written Instructions: https://www.wundertech.net/how-to-set-up-tailscale-on-a-synology-nas
🔔 Subscribe for more tech related tutorials and overviews: https://link.wundertech.net/ssYt
🚀 Product Recommendations: https://link.wundertech.net/rmYt
❤️ Check out our website: https://link.wundertech.net/wtYt
DISCLAIMER: The information in this video has been self-taught through years of technical tinkering. While we do our best to provide accurate, useful information, we make no guarantee that our viewers will achieve the same level of success. WunderTech does not assume liability nor responsibility to any person or entity with respect to damage caused directly or indirectly from its content or associated media. Use at your own risk.
WunderTech is a trade name of WunderTech, LLC.
0:00 Intro + What is Tailscale?
0:53 Tailscale Install
1:23 How to Use Tailscale
2:14 Connecting to Other Devices
4:25 Tailscale Admin Portal
5:17 Access NAS with Local IP
5:46 Exit Node (Full-Tunnel VPN)
7:29 Tailscale VPN vs. QuickConnect
8:49 Conclusion
unfortunately, the current version of tailscale apparently does not have the "advertise-routes" command? I am getting a "command not found" error on my SSH command line. Similarly, advertise command fails… 🙁
I switched from Quickconnect and Openvpn(using your videos ) to Tailscale without any problems 🙂 Split and Full tunnel of course with your guide !!!
Hi i got 2 questions:
On my phone, if this is a split tunneling, can i permanently leave on the tailscale toggle? which from my understanding means only connecting home will be secured, and any other internet browsing will be left intact ( and at the maximum speed because its not vpn-ed) ?
Second question is, if i use exit node and make it into a full-tunnel, is my general browsing and downloading speed slowed down ? who processes that VPN? through which servers ? Who will dictate my internet speed then ?
Hi Frank, thank you, your video! Could you please explain how to setup a reverse proxy or so so I do not have to use port numbers to access paperless or other containers?
Hi, I do use Tailscale and it works great. However why should I work with Tailscale instead of Quickconnect. Nobody seems to give that answer. Can you explain that?
What additional steps are needed to access the AdGuard LAN page and use AdGuard as a Tailscale nameserver? Would be great to have AdGuard on the go. Name resolution only works when I use my normal internal nameserver, not AdGuard. I can't ping the AdGuard IP either. I do have an allow firewall entry on my Synology to the AdGuard IP. It must be related to me running AdGuard as a Synology container that uses a bridge network.
As usual great content. I particularly appreciate your written blog which allows to follow what you show.
Big fan of your synology posts.
One question though.
When i try to connect to my synology through the tailscale ip using :5001 on my ipad, i get warning that the connexion is not secure. I need to accept the risk to log in.
But once connected. There is a closed padlock next to the url.
I guess this is a certificate issue. I searched the web for that and found several solutions requiring setting up a certificate using commands like tailscale cert and moving the certificate around. Got lost and did not try this.
Would be great if you could do a video on that and how to i port the tailscale certificate to various clients.
Can you show how we can map a network drive with tailscale?
Not everything worked for me. Was unable to use split VPN tunnel (only NAS was accessible and only through Tailscale IP adress) and my local network was still inaccessible in both split/full VPN. Didn't get "Success" after SSH into NAS and inserting command mentioned in descripion. Yup i'm zero in Linux, i know.
But using Tailscale to make VPN connection to NAS and using it like an exit node is quite useful for scenario of unknown wifi usage necessity. Finding many really cool things on this channel. Many thanks.
Another superb video from WunderTech! This channel is probably my favorite Synology how to resource.
Thank you! This video was gold!
Great guide! But is it possible to backup your NAS with hyperbackup/vault to another NAS using Tailscale? if so to you have a guide for that?
Just started my journey with NAS systems. This channel is pure gold, i can not describe how much you helped me. Cheers!
Ok, but how does it look like to add the quick connect into nodes or drive etc.? Could you show an example how the line has to look like?
Amazing video, thank you very much! I can't remember all the ports of my docker containers on my Synology NAS. Tailscale seems to have some kind of reverse proxy so it would translate example.com to my NAS' IP and the containers port, did you manage to get that working? Would be cool if it will recognize the aliases on any device connected to tailscale
Tailscale is fantastic my ISP uses CGNAT so no port available forwarding for OpenVPN
Thank you Frank for a great video. I tried to advertise an extra vlan beside the one where tailscale is installed on a nas.But I could not use both subnets. Is there a way to accomplish this. I am trying to login to IoT vlan from outside. Thank you
I must have watched just about every YT video on Tailscale ( yours are certainly among the best ). But, what I found to be missing was how to get files from my remote device onto my local device. So, for the others out there in the same boat, this is what I did :
1) On your Synology NAS – Control Panel Terminal & SNMP Terminal , check the "Enable SSH Service" box
2) Download the free file transfer utility, WinSCP from winscp DOT net .
3) Install WinSCP on your local computer.
4) With WinSCP, login to your remote Synology using :
File protocol – SFTP,
Host name – the IP address that Tailscale assigns to your remote Synology NAS,
Port number – 30 ( that seems to be universal ),
User name and password as appropriate for your NAS
Then you get a window on the right populated with your remote NAS folders and files much like Windows Explorer. There are some interesting feature for syncing here but it works pretty much like using Windows Explorer.
I hope that fills in a gap for some of you new Tailscale users like me.
Hi, for some reason, I cannot see my docker containers that are running on a macvlan network (as you showed how to do in other tutorials). How can i connect to docker containers running on macvlan docker network with its own ip separate from the NAS?
I tried accessing with the IP addresses i normally use when i was full tunnelled with tailscale but they would refuse to connect.
How can i access the docker container services running on that macvlan with tailscale installed on the docker host synology
Thanks, Frank. A VPN that actually works for me. At 4:07 what password are they looking for? The DSM admin password? the password for the Gmail account I registered with? None of them work. get timed out at 3 guesses.
Cannot express how glad I am I've found your video channel. I have subscribed immediately. Your style and voice are perfect for me to learn from. Perfect speed as well, usually these speakers are too fast or too slow or trying to be funny or sell you something. Best channel on youtube!! Thanks so much!
I am gonna have to subscribe to your channel for how useful this post was….