I can also directly connect to other Tailscale-enabled devices within the Tailscale subnet. It can then connect to any device connected to my internal network of 192.168.10.0/24. So, when my laptop connects with mobile data when I’m not at home, it gets a Tailscale IP of 100.15.10.5. It’s a feature that allows me to ping any internal IP when connecting to the Tailscale subnet.
I have one Raspberry Pi configured to expose my internal IPv4 subnet for my Tailscale tunnel. I have a secure VPN tunnel to my internal network using my laptop (and other devices I have on me when traveling). I could also remove the QuickConnect feature from my Synology device. I no longer need to open ports or use NAT to grant me access to my internal Synology NAS, my Vaultwarden password management tool, my Raspberry Pi cluster, or anything else I need to access remotely when not at home. This setup allows me to remove all publishing rules on my firewall. The big pictureĪ picture tells more than a thousand tweets, so here’s the solution: This post will describe this setup and configuration. Since then, I’ve built a more secure solution with Tailscale, specifically to allow me to access my internal services more efficiently and securely. As a quick primer on Tailscale security, check their docs here. If you’re not familiar with Tailscale, please check out my previous article on the basic setup.
Thanks for reading my blog! If you have any questions or need a second opinion with anything Microsoft Azure, security or Power Platform related, don't hesitate to contact me.Ībout two months ago, I deployed Tailscale to provide a secure remote access solution to my internal (home) network.
0 kommentar(er)
