Tailscale is the Easiest Personal VPN Solution - Securely connect to your home devices remotely !

hey everybody it's Lon seiben I have

long recommended that you keep your

devices on your local network safely

secured behind your router or your

firewall so that people from the outside

can't access those devices easily and

there's a lot of good reasons to do that

these days because we're seeing more and

more examples of things like network

attached storage devices getting hit

with malware because they have exploits

that are accessible even if you have a

unique and strong password and there are

many examples of people getting all of

their data locked out or deleted by a

botnet that happens to be looking for a

specific type of device there's a

YouTuber here who had an awful story

about losing essentially his life's work

because his Nas had an unpatched

vulnerability and it was accessible to

the outside world the problem is that

you might want to access your stuff from

the outside world and if you have

everything locked behind the fire

firewall you can't access it now of

course one of the solutions to getting

to your stuff from the outside world

would be to set up a personal VPN server

a couple of years ago I demoed how to do

that on a Raspberry Pi but a lot of

routers now come with a VPN server built

in but it still can be a little complex

for people that are looking for a

point-and-click solution and the other

day I had to set up something really

quickly and I'll explain more about that

project in a few minutes and I chose a

tool called tailscale for the job which

is probably the easiest personal VPN I

have ever used and what's nice about it

is that it is incredibly secure and can

be easily shared and unshared depending

on what your needs are with different

people that you're connecting with and

while tailscale has been around for a

while they recently expanded the number

of devices you can use on their free

tier to the point now where you can have

if you go to the pricing section here up

to 100 devices is on your personal

account before you have to start paying

for anything and I think for most people

that are using this for personal use

you're probably not going to hit that

limit so this is a really good solution

now so what we're going to do in this

video is set it up it won't take all

that long and I'll show you a few

different scenarios that this tool might

be useful for and I do want to let you

know in the interest of full disclosure

this is not a paid sponsorship so

nobody's paying for this video all the

opinions you're about to hear are my own

and no one has reviewed or approved what

you're about to see before it was

uploaded so let's get into it now and

get tailscale set up and we'll do some

demos of how it works now your first

step of course is to head over to the

tailscale.com website and set up an

account I want to note here that you do

have to log into their service for this

to work although the communications that

you will be making between your devices

are encrypted and those will not be

accessible to tailscale but due to the

way it works there needs to be a server

that both the computers are connecting

through so that they can see each other

once they do tailscale will negotiate a

way for those computers to communicate

directly to one another but you still

need to go through their service so if

you are looking for a self-hosted VPN

solution the Raspberry Pi thing I talked

about or your own router is where you

want to go there but this does make

things a lot easier so to get started

you can click on the try for free here

and what's neat about this is that it

uses existing identity providers for

this to work so you can use your Google

account your Microsoft your GitHub your

Apple account versus having to set up

something with its own password with

them this of course means that you make

you need to make sure that your

passwords you're using for your identity

providers are secure and you've got

two-factor authentication set up and all

that stuff because the identity provider

here is what you're logging in with and

so if you've got a weak password

combination on any of these identity

providers that's going to be a point of

vulnerability so make sure you get your

account secured and you're good to go

from there so I'm going to sign up here

with Google and I'm going to log into my

Google account and we'll take it to the

next step after that so now that I've

logged in with my Google account we're

taken to their workflow here to get

started and as you can see it detected

that I am on a Mac right now so it's got

that as my option and if I click this

button here it will take me over to the

Mac App Store to download the tailscale

application for mac and in a few minutes

we'll set this up on Windows also so let

me do the Mac install real quick and

once we get the software installed we'll

pick it up from The Next Step so I

downloaded the client software from

tailscale here and we'll click on get

started and what we're going to have to

do here on the Mac is to allow VPN

configurations because it does connect

to the max native VPN system so I'm

going to click allow here and now that

we've done that it will get things

started and ask us to sign in to the

network so I'm going to click sign in

here

and what it's going to do now is go back

to my web browser and because I am

already signed in with my Google account

it's asking if I want to add this device

to the network and I'm going to say yes

and click on connect here and now it's

asking us if we want this to start when

we log into the computer I'm going to

say no because I only want to load it up

when I need it but if you find yourself

always in need of this you can have it

load at the time of startup and I like

that they give you this option because I

hate things that install and stay

resonant all the time without my

controls so now I can control it and

when I want to connect to my home

network I just load up tail scale so

I'll say manually there and now that

we're connected we can find our network

devices so I'm going to go over to the

show tail scale menu and if we go up to

the top of the screen here you can see

now that my device is on the network

that I have just set up and so we've got

my MacBook Air here along with an IP

address now this IP address does not

have any accessibility on the regular

internet I have to be connected to

tailscales network and I can't just

connect to anyone's tailscale IP address

it has to be

connected to my account either directly

or through the share feature that will

demo in a few minutes so right now I've

got nothing else on my tailscale network

except the Mac on the desk in front of

me so why don't we grab my Windows PC

and add it to the network next so now

that we're on the PC we're going to go

to tailscale.com and I'm going to go

over to the download section and it's

detected that we're on a Windows

computer so I'm going to download the

client for Windows and click on Save

here and what this will do is download

that client software and what I'm going

to do now is run it real quick and

install it it's a little different than

the Mac because it does not install

Through the Windows App Store but what

I'll do here is install it give it

permission to do so and we'll let that

process finish up so once the install

here is done we'll jump back and see

what the next step is alright I

installed the software now on the PC I

didn't see it pop up anything after it

was done but it might have been a little

too quick on closing a web browser

window so if you have a situation like I

do if you pull up the little carrot here

on the right hand side of your taskbar

you will see tail scale running I'm just

going to click on that and go over to

login and what this should do is pull up

a web page as it just did here and now

I'm presented with my options for

logging in and remember because we can

use an existing authentication provider

I can sign in now with my Google account

which is what I'm going to do so let me

get that sign in done and we'll see what

happens next all right so I got the PC

now connected to my tailscale network

and if I jump back to my Mac here you

can see that we're now seeing it on this

side as well and they're giving me some

instructions here to run a little ping

command in terminal so if I do that you

can see that the two computers are

communicating with each other and this

is no surprise that it works because

both of these computers right now are on

the same physical network but we're

going to change that in a few minutes

here but it looks like all is good here

from a setup perspective so I'm going to

say success it works and then they're

telling me I can start setting up

additional devices so why don't we do

that now because part of our next

demonstration is going to involve an

Android phone so let me get the

tailscale app running on here and then

we'll have some fun so let's get the

Android phone going here next this is a

pixel 6A that in full disclosure Google

sent to the Channel free of charge to

review a little while back I'm going to

go and find the tailscale app in the

Google App Store and install it again

pretty small footprint here so it should

install very quickly and I'm going to go

over to open now and you can decide to

have it send you notifications or not

but we'll go through the initial

workflow here and just like before it is

looking for my login provider and

because I'm using Google I'm going to

hit that but you do have the option to

sign in with other providers here as

well but let me go into sign in with

Google and we'll see what happens next

alright so after I logged in just like

we saw on the Mac we do need to give it

some permissions here to connect up to

the rest of the network we did that and

check it out I've got both the Lenovo

gaming machine and my MacBook Air

available to me but we're not done yet

because I've got an iPhone I want to go

into so let me show you how the iPhone

works now on the iPhone tail scale is

available in the App Store I had it

installed previously so I'm going to

re-download it I'm going to click on

open here and it is pretty much the same

startup flow as before so I'm going to

click get started here and I'm going to

log into my Google account again then

I'll show you what the steps are after

that now on the iPhone tail scale is

going to hook into the iPhone's native

VPN capabilities so what it's going to

want is your iPhone's passcode to add

that configuration which I just typed in

here I'm going to click on done and then

it's also going to ask me for some

permissions here and as as before it's

going to ask me to log in with my Google

account or whatever identity provider

that I wanted to use with it and once I

do that it will then ask me if I want to

add this device to my network I'm going

to click on connect here and now it is

part of my network where I can see the

Lenovo gaming machine the MacBook and

now the pixel 6A and if I bring the

pixel 6A back out here again you'll see

that it is seeing the iPhone and now

these devices can all see each other no

matter where they are in the world but

if you didn't want it on all the time

you can just go over to the mobile app

here and click on the active button to

stop the connection and then to

reactivate it you just click it on again

so you can jump on and off only when you

need it if you don't want to have a

permanent connection so now what I want

to do is take this Windows computer and

move it to a totally different network

that's not accessible from the one that

I'm currently operating on and let me

give you a real world scenario that I

just did using tailscale let's get that

hooked up now my PC here is running a

piece of software called vmix This is

live video production software that I

use to produce video here on the channel

and one of the cool things about vmix is

that you can bring in video from long

distances using a protocol called SRT

and right now I've set up two SRT inputs

on vmix and what I want to do is have my

phones send video into vmix to kind of

simulate a remote production environment

where I've got a couple of phones out in

the field and this located back at

headquarters an hour away now because

the computer and my phones are on

different networks normally I would have

to open up a port on my router in order

for this to work in fact in this

instance I'll I would have to open up

two ports because I have two SRT inputs

waiting but because we have the computer

now on tailscale along with the phones

it's actually a lot easier and so what I

can do here is just tap on the Lenovo

gaming laptop here on my list which is

the PC that we're looking at here and

even though it's on a different internet

connection I can still connect via this

tailscale IP so I'm going to copy that

to my clipboard and let me load up my

SRT camera application now and connect

it to the computer now the app we're

using to send video into the PC here is

called lyrics broadcaster this is free

on IOS and Android at least for the SRT

video transmission and as you can see

here in the URL I have typed in the

tailscale IP that was assigned to our

Lenovo gaming PC which is what is

currently running vmix on a different

network and I'm also pointing it at Port

5000 which is the port that this

listener here is looking for so now that

I have that SRT connection set up let's

start transmitting video now to the vmix

computer and remember this phone is on a

different internet connection than the

PC but as you can see the video is

coming right through all we had to do

was install the tailscale client and

point this one at Port 5000 and all

seems to be working well here you will

notice there is a significant amount of

latency about two seconds worth but that

is something that I configured myself

because SRT is designed to build up a

bit of a buffer to account for

connection difficulties and you can dial

that down a little bit depending on your

individual situation here but altogether

it works great and this is something

that I actually did in the real world

the other day because some friends of

mine wanted help live streaming

something that was going on in my town

they live an hour away they couldn't get

down here quick enough to live stream

the event so I brought my phone with me

set up tailscale on their computer and

on the phone and I was able to get my

video sent right up to them without

having to go through a lot of

configuration on the router side it was

super simple let's see if my other other

phone will connect now all right so

here's the Android phone again on the

same network as the iPhone and a

different network than the computer and

boom just like that we got configured

here without having to poke holes in the

router just connecting to that tail

scale IP but what if you wanted to allow

one of your devices to be shared with

somebody but not all of them well

they've got a solution for that so let's

take a look at how to do it so if you

wanted to share something on your

personal account with somebody else what

you can do is go to the device that you

want to share and click on the share

button that's it you generate a link and

you send it over to them they do need to

have a tail scale account for this to

work but if they do what will happen

here after they click on the link is

that they will then be connected to your

device but only that device so for

example if I share this with my friend

the Lenovo computer

my friend would not get access to my

phone or my MacBook or my other phone

unless I specifically shared those

devices with them so you have a lot of

control as to how all of this works now

once a device is shared it will be

shared until you revoke that access so

whenever my friend logs into tailscale

now he's going to have access to my

Lenovo gaming computer at this IP

address but if I am done with him using

my computer I can click on the little

period icon here and go over to sharing

settings and just revoke their access

and once that is done they can no longer

connect to that computer even if they

use the tailscale IP address that they

were connecting to it with before so you

can very easily give somebody temporary

access and then remove it and what we

did when we did the video project with

my friend the other day was I had him

set up his own tailscale account at his

vmix computer to it and then share that

computer with me so the next time this

happens we don't even have to set up

anything you just have to boot it up and

I hit the button on the phone and we're

in but if he ever decides he doesn't

trust me anymore he can very easily

remove that access now it's important

though to understand how sharing works

so in the example we just did I shared

this computer out with somebody else now

when that person connects to this

computer they can interact with it but I

don't have access to the computer that

they're accessing from unless they share

that computer with me so if you want to

be able to send things back and forth to

somebody you have to share with them and

they have to share with you now you can

also install this on a network attached

storage device there are clients for

Synology and qnap and I think a few

other brands as well so let me get it

installed on a Synology Nas that I have

on the same network as this PC and I'll

show you some ways you can connect to it

from outside of your local network and

as you can see on my list of network

devices now that Synology is available

to us and if I go back to my Mac I can

take that IP address and type it into my

web browser and as you can see here once

I execute that it takes us right over to

the login screen so I can access the

Synology Nas like it was on my local

network but it is safely behind my

firewall so unless somebody has my

credentials and is logged into tailscale

they can't get in and what's nice about

this is that if you really wanted to use

your Nas features like Photo

synchronization and file syncing and all

the other things that they offer you can

now use them in the way that you would

like without the security issues of

having ports opened up on your router

and the whole setup process is pretty

much Plug and Play connect your Google

account and you're done now one last

thing to take a look at here and that is

its performance vpns typically have a

pretty big performance hit and this one

is no exception so what I'm doing right

now is running an i perf test where

we're sending a bunch of data from this

computer which is connected to a one

gigabit symmetrical fiber optic

connection to another one that's on a

six gigabit fiber optic connection and

both of these are through the same ISP

so we're not getting routed out to the

internet here and as you can see we

maxed out at around 33 megabits per

second or so on that test and that's not

unusual for one of these encrypted

networking Solutions there's a lot going

on before the packet leaves the computer

and a lot of it will depend on the

performance of the two computers talking

to each other this one is communicating

with a MacBook Pro a recent one so I

think this is pretty much the most I'm

going to see out of this connection here

but it's good enough for that SRT video

demo that we looked at earlier I'm only

pushing about seven or eight megabits

per second with that and I have found

the speed here varies quite a bit

between one test and the next so it's

something to just be aware of you're not

going to see see the full connection

speed that you would expect from a fiber

optic connection here but you've got

security and I think in many cases the

types of things that you might need to

do when connecting outside to inside are

not going to require all that much

bandwidth I'll end though I am very

impressed with tailscale especially due

to how easy it is to get up and running

if you know how to log into your Google

account you can get this to work and I

think for a lot of folks looking for a

quick and easy and secure solution this

is what I would recommend at this point

especially because you can connect up to

100 devices you don't have to do

anything to your router and it's very

easy to share devices with friends and

other folks that you may want to Grant

access to and you have a lot of control

over all of it this though is the tip of

the iceberg there is a lot more to this

night specifically did not cover in this

video because I wanted to direct it to

Casual users looking for a solution but

if you're interested we can look at some

other thing things you can do with

tailscale including using it more like a

traditional VPN where you can get access

to other computers on the local network

that are not connected to tailscale so

more to come let me know what you want

to see down in the comments below and

until next time this is lon seiben

thanks for watching this channel is

brought to you by the lawn.tv supporters

including gold level supporters Brian

Parker

Chris allegreta

hot sauce and video games

logic kgr

Tom Albrecht

and I'm the brown

if you want to help the channel you can

by contributing as little as a dollar a

month

head over to lawn.tv support to learn

more

and don't forget to subscribe visit

lawn.tv S