I need to access a network that is located behind a Deutsche Glasfaser connection and only has an IP V6 address. Here most services do not work so easily and only with a lot of effort in the configuration. In short, for me it was not so easy to set up an OpenVPN server or PiVPN server to remotely access the network behind the Deutsche Glasfaser connection. After a few hours of trying and not really getting a usable configuration up and running I ended up with Tailscale. Tailscale convinced me with its very simple installation and configuration and for my purposes it is ideal. So I can easily remotely access two remote networks that I would like to reach. For this private purpose, Tailscale is also free.
So I want to briefly introduce you to Tailscale as I understand it and document here how I set everything up.
Register at Tailscale
My goal is to access two different networks via Tailscale. In each network a Raspberry Pi with Tailscale is in operation which releases the network so that I can access the two networks remotely with my Windows computer. The following picture is my attempt to show how the architecture will look like with the Tailscale service where all three devices log in.
If you have such a problem or want to achieve a similar goal, this service might be something for you. First of all you have to create an account at Tailscale. This is important because here you have to authenticate the individual devices that you want to reach in the Tailscale network as clients. The communication of the individual devices, i.e. the data that is sent back and forth, does not run through the Tailscale server. The service of Tailscale only makes all devices known to each other. So I have to trust the service and give away more than if I run my own OpenVPN server on my Raspberry Pi and make it accessible from outside.
But now you have to create an account at Tailscale via the following link:
URL: https://login.tailscale.com
For my small description here you need a free account with one user. Then you install a fresh Raspbian on your Raspberry Pi and boot it.
Install Tailscale on a Raspberry Pi
After your Raspberry Pi is freshly booted, all updates are installed and then you can install Tailscale. Please execute the following commands one after the other as listed.
Command: sudo apt-get update
Command: sudo apt-get upgrade
Command: curl -fsSL https://tailscale.com/install.sh | sh
Now you should see the following output in the terminal window.
Now Tailscale is installed on the Raspberry Pi and a URL is displayed in the console which you have to open now. This URL will add your Raspberry Pi as a device to your Tailscale account. Now it should show up in your dashboard.
As soon as your device, i.e. the new Raspberry Pi, has been successfully connected to your Tailscale account, the message “Success” will appear in the terminal window. From now on your Rasbperry Pi is reachable via the Tailscale network.
Share the Tailscale network
Since I want to access all devices in my network in a comfotable way, I have to make the network completely accessible via Tailscale. This can be done with the following commands.
Command: tailscale down
Please make sure that you specify the network room / network area that reflects your network.
Command: sudo tailscale up --advertise-routes=192.168.178.0/24
When you have executed the command, a URL appears again in the terminal that explains the further steps. For me it was the following URL to the date on which I wrote this report.
URL: https://tailscale.com/kb/1104/enable-ip-forwarding/
Please execute the following three commands in the console of your Raspberry Pi.
Command: echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
Command: echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
Command: sudo sysctl -p /etc/sysctl.conf
Tailscale Web Dashboard Configuration
Afterwards you have to open the console of your Tailscale account for exactly this Rasbperry Pi by clicking the three dots on the right side of the display and selecting “Edit route settings…”.
The following picture shows the menu you have to open to access the configuration.
Now activate the routing in the window that opens. From now on the whole network behind the Rasbperry Pi is reachable via Tailscale.
So that your computer with which you want to access the devices in the Tailscale network, so in my case it is two Raspberry Pi devices that each share the network behind, must still be executed on this device the following window in the command line.
Command: tailscale down
Command: sudo tailscale up --accept-routes
From now on I can access the two networks behind the two Rasbperry Pi devices with my Windowsrecher from anywhere in the world very easily via the IP addresses.
Summary:
I have been running the Tailscale service for a few days now and have successfully logged on to the two target networks from different networks with my Windows computer. I am so far satisfied that everything works well and have not encountered any problems. The ease of installation and centralized management make this service very attractive to those who are not network specialists and are limited by IP6 and a lite fiber connection. Eventually I will deactivate the service via a cron job at certain times so that it does not run 24 hours a day.
Recent Comments