I've recently installed tailscale as a plugin on my Unraid NAS with the *arr suite and random other things on it.
I was under the impression that once I had everything set up, I would be able to access my LAN services the exact same way remotely as if I was at home connected to WiFi, specifically with their local 192.168.1.x:xxxx addresses.
What I've found is that I can't do that with the local addresses, but tailscale provides me with a separate external address that I can use with the proper port numbers for the Unraid containers, which I've added via the subnet router function, although I don't totally understand how that works tbh.
Beyond that, I have a raspberry pi that runs home assistant, and I expected to be able to access that as well, but haven't been able to figure that out. Must I install tailscale on that device as well? I thought that by using my NAS as an exit node, I'd be able to get to it.
Tailscale can act as a site to site vpn, but it's best used as a meshvpn imo with as many things as possible in it.
Why? Because the dynamic dns is so powerful. Every host name automatically is in every other tailscale joined computer automatically. My NAS (Truenas in my case) is just "nas" so to access it it's just https://nas. Same with my rustdesk server on https://rustdesk. Jellyfin? You guessed it: https://jellyfin.
Why is this cool? I moved my box between other networks and it just works again. No ips changed.
I take it to work. It just works. I keep one server at my parents place? It just works.
But my printer doesn't have the ability to join the tailnet so I use subnet routing to create a node on that network to act as a NAT router to get to and from that printer.
You can even define exit nodes so if I install tailscale on my parents TV in another state, they can exit their internet via my home which has my IP and therefore Netflix counts it as inside my residence.
Anyway just some considerations. I generally use the subnet routing as a last resort. My 3 node proxmox cluster is all joined and if I took a node to my parents it would literally just work, if slower, as a cluster member. Crazy. Very cool
Wouldn’t it be better to just set up your own VPN tunnel to be independent? I mean, you have a Pi running..
Use dynDNS if your puplic address is not static. Of course, you need a domain for that, but if you don’t need a fancy name, they are pretty cheap.
Or is there another reason why you have chosen tailscale?