วีดีโอ

Really good content but who is your audience ? What in the world is "SSH" or "ACL" and on ?

Thanks for the description, my immich processing time now got reduced by 40x when using my desktop GPU vs the i5-1235u in my NAS!

Can Tailscale be installed directly in my home wifi router? Maybe as a service? or with OpenWRT? I would love to see a video about that!

Explaining how to set it up and use it doesn't help us understand how it's working. I opened this video hoping to understand exactly what it's actually doing, but what I got was a sales pitch. "Look how easy it is!" Oh, fine... But, "easy" usually isn't secure, and so why should I trust this? How do I know my network remains secure, even from the people at Tailscale? Forget "policy". How do I know that it's protected by enough "technical" barriers to prevent someone with top level access to Tailscale's control servers to grant themself permision to add themselves to my network? Explain THAT to me, and then I'd be sold. And, don't bother telling me that nothing is ever perfectly secure, or that a malicious patch could be pushed. No, thank you, Captain Obvious! You really think I don't already know that?

I don't understand the use case. If I didn't trust the Tailscale coordination server, then I wouldn't trust the implementation of Tailnet Lock either?!

The part exposing in app via serve and funnel is similar to caddy?

Why tailscale website is not working ? When ever I am trying to visit and download tailscale setup file it is showing "this site can't be reached" ?? Why ?

Why do you use a public domain that redirects to the private Tailnet domain? Wouldn't it work just the same without a public domain by using the private Tailnet domain directly? Also, it's one piece less of metadata leaked to the public internet, and saves domain costs, management and configuration. EDIT: The answer is yes, as written in another comment "If you want to use the provided tailnet domain it’s as easy as that. You only need to add the extra complexity if you want to use an external custom domain". th-cam.com/video/Vt4PDUXB_fg/w-d-xo.html&lc=UgyF1gVItm8tYaCAzXF4AaABAg.A2dSWwSEgRmA2eAoSMFLFW

I'd also pronounce it as system-c-t-l, just like the first time you said it in that fragment ¯\_(ツ)_/¯

These videos are great. Helps me help friends :) I got a request though; This sort of video, an 'how to..' on Unraid and how to safely set it up so Docker Containers are opened to other devices. I think there are a lot of Proxmox users who would like that too ;) I have not been able to connect to my Unraid server from outside my network yet for some reason.

Hi, thanks for the video, how did you get the bracket pair on top of your iPhone, look like custom logos on Cydia app lol

Short, smart, productive video. Hope you guys make usefull video like this.

wait, hold on. Is this the Alex from the self hosted podcast? Is i you Alex? My head has just gone to a time space vortex, can't believe it.

Really like this Tailscale Explained series. Any plans to create deeper-dive videos around Tailscale Access Control?

Before all, thank you all Tailscale team for this awesome tool, it's magic. I am trying to connect to my printer through a subnet from my Android phone outside my home network, but my phone can't "see" the printer. Is it a Android app issue, or am I doing something wrong? Thank you.

We want start on boot for the android client

can I share that connection with a device that can't run tailscale? For example, can I start Tailscale on my PC, also start a wifi hotspot from that PC, connect my Nintendo Switch to it, and game locally with someone else on switch halfway around the world

Ok this may help me solve an issue I have on gh actions. I need to connect to a database with a whitelist in front of it from my gh actions run. If I can do this, I should also be able to route outbound traffic to my exit node running in AWS that has a fixed IP. I’m new to Tailscale still learning. Next I want to learn to route only some of the traffic to my node in AWS. Thought about subnets but it’s hard to find the ip addresses of my targets. Next I found applications and this seems like exactly what I need. Still learning to configure. Could really use more videos on acl. And setting up an application node. For instance can I use the same node for an exit node and an application node?

Hi Thank you for the clear explanation of subnet routers. I have been battling for a long time to share files or folders over the internet and using your example i managed to get it working. Thanks once again for your video

Followed the steps but it is not working for me. I installed tailscale as add-on and while accessing the url after setting the proxy (configuration.yaml) as explained in your video, it is not working. Not sure what is missed. Getting "This site can’t be reached"

Can you do Derp server next please? My host and clients are behind cgnat. I would like to know how we could solve this issue

If the caddy/host is running behind cgnat, will it use DERP/relay? Also the client are behind cgnat. Everyone is behind cgnat :'(

I was trying to remote to my desktop PC using RDP software on Android but always connection fail.

Still getting familiar with Tailscale. At ~ 2:40 and ~4:23, both connections are not secured, not TLS/SSL. Is this because the VPN connection between the phone and Tailscale is secure? What security protocol is used to secure the VPN tunnel, e.g., IKEv2/IPsec?

Very useful video, I have one question though, I have succesfully enabled 2 subnet routes (debian server both), one local and one remote. The problem is that when both are enabled I cannot reach my local containers with local IPs like 192.168.0.xx. As soon as I disable the local subnet I can reach my containers and my remote network but obviously not the other way around. Any ideas? thanks

Thanks Alex. Such a great explanations you're doing. I've got a couple of questions though: 1. Given two environments: A machine XXX running Tailsacle in site S01 on a local network 192.168.1.0/24, and a remote machine YYY acting as a subnet-router running in another site S02 in which the network is also 192.168.1.0/24. The question: Would this work? I guess this would cause a conflict. Knowing that you don't have access to the router configuration on both sites to change the network configuration, how do you suggest setting the subnet-router to access devices in S02 that you can't install Tailscale on? 2. (much simpler question 😅): Is there a Discord server for the Tailscale commnity to chat/exchange on? Thanks in advance.

Would be really great to get an advanced video about using subnet routers to talk the opposite way too, i got it working at some point by configuring the subnet router as gateway for the ts ip range in my network. also how does tailscale auth play into this topic? can i use the external ip range now in rules? another question how to solve conflicting ip ranges from multiple subnet routers.

Hi Alex,can you make a video in German?

Will there be any performance impact using the subnet router method versus a native installation on the devices I am routing this traffic to?

i feel, it's just a Magic when i use Tailscale all time man :) thank you for this video

Wow! You mean this IP code behaves like all other proper IP code!?

I use tailscale+subnet to remote view my Jellyfin server, wol pc

Thanks Alex, as always great videos. I’m using TS to bring in a VPS public IP to my self hosted mail server. The mail server is a Synology box that can reside on any connection anywhere as a result - it just needs to be able to get its Tailscale instance connected. The Synology is also setup to use the VPS as an exit node so it appears with the correct IP for sending emails. The VPS is running Debian and simply port forwards the required ports to the Synology. Slick, reliable and fast.

I love y'all so much!

I love how clear and concise you are with all the complicated network variables. Thank you for publishing these wonderful videos!

Thanks again Alex

Tailscale = black magic. Thanks, Alex.

Awesome video 📹 as always

Thank you Alex 🎉

Can you have the GL.inet route through Apple Tv AND have a VPN signed in on the same GL.inet router?

I can’t praise Tailscale enough, it’s such a marvelous software. Great job Tailscale team!

Wow, this is just genius! :o Ich als Deutscher und IT-Nerd bin sehr zufrieden. XD

Hi Alex, followed your setup but there seems to be no connection between Immich and the machine learning instance. You mention at the end that your Immich instance couldn't see the ML instance because of the 'container' tag. My ML instance is not shared into the tailnet but native, would this still apply? If I remove this line '- TS_EXTRA_ARGS=--advertise-tags=tag:container' from my docker compose config the container doesn't connect to the tailnet anymore :( Any idea how I get the Immich instance into my tailnet without the tag?

Quick question / point of clarification: at the very end of the exit node you indicated that it was useful for accessing apps you host yourself. I "think" this was a victim of editing that was not necessarily tied it needing to be an exit note to access self-hosted apps and home automation things because that was covered at the beginning with the Own Cloud stuff, right?

For exit node, should I use a Pi 5 or a mac mini m1? Previously I tried a pi 4 as an exit node but it struggled and gave me high latency and packet loss.

átláthatatlan katyfasz az egész

Hi Alex, thanks for the video. This is my first step figuring out why my Docker image can no longer resolve hosts. It's been working for months now with `docker run` command options that provides the proper entries in /etc/resolv.conf but within the last few days, a Docker or Tailscale update broke something. (/etc/resolv.conf is still correct but the container cannot reach 100.100.100.100 or the named DNS server. It can reach other hosts on the local LAN by IP address but not name. 😥) Edit: upgrade from 1.68.0 => 1.68.1 seems to have fixed the issue.

Excellent tutorial! I was able to get this working running everything on my Raspberry PI - but I've run into one problem: my Windows machine can't resolve the DNS of my routes correctly but my Linux ones can. When I try to run NSLookup on windows the magicdns daemon tells me that my domain (reachable from Linux boxes in my tailnet) is a non-existent domain. Any ideas what that could be about?

Great video, one question though, Does this process have to be done for every compose yml i create?

Anyone know how to use the command tailscale up in shell for truenas scale? I tried many ways to get in, SSH won't let me through auth, and shell doesn't offer commands.