Hi,

I am currently trying to add remote access to 2 of my servers but didn’t manage to get a working setup as is.

Right now I want to access 2 servers:

  • one is for media stuff (navidrome, jellyfin, managing the arr stack)
  • one is for my data syncing with rsync and after set a backup from borg to another server not on my domain

I was trying at some point to add stuff such as tailscale, but somehow I always had issues with having both servers reachable within the IP range I use on my local network, so everything would work as is with the current config at home being away. I have also heard of cloudflare tunnels as well, but that I didn’t try yet. At some point I tried to do just a regular wireguard from my opnsense, but I would prefer not to have open ports to worry about (and also had issues with internal IP not being assigned from wireguard as well).

Does anyone here have experience with this? If so, what was your solution and/or caveats to it?

EDIT: I got some very good responses but I think I failed to understand that what I would need is probably a hop in server of sorts for the VPN. Meaning:

  • I login to the hop server
  • I get an internal IP for my network, meaning, 192.168.1.xxx
  • I do whatever I need to do
  • log out

Does anyone have experience with such a solution? My point would be to be able to have full access to everything on the network without having to do a VPN on every machine I need access to (although it can create a massive single point of failure/risk)

  • StrawberryPigtails@lemmy.sdf.org
    9 hours ago

    The way Tailscale works, you don’t need to worry too much about your local IP address. You can just use the Tailscale IP address and it will connect as if you were local using the fastest route. That’s the beauty of a mesh VPN. Each device knows the fastest route to each other.

    Without more information I can’t really tell what issue you are actually having, but if your system has internet, you have a local IP and if the system is showing as up on your tailscale dashboard then it will have a tailscale IP. Not being able to connect using one or the other would be a configuration issue. Whatever service you are having trouble with is probably only listening to one of the interfaces but not the other.

    I’m assuming you are running a linux or unix box, but try running the command ip addr. Assuming you have the package installed, it will tell you all of your IP addresses for the system you run the command on. The list may be quite long if you have a lot of docker containers running. The command tailscale ip will do the same but limited to your tailscale IP addresses.
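The "only listening on one interface" diagnosis from the comment above, as an added example that is not part of the original thread: it parses `ss -tlnH` output and reports, per port, whether a listener accepts connections on a given Tailscale address. The sample output, the ports, and the address 100.64.0.5 are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output (not taken from the thread).
SAMPLE_SS = """\
LISTEN 0 4096 0.0.0.0:8096 0.0.0.0:*
LISTEN 0 4096 192.168.1.20:4533 0.0.0.0:*
LISTEN 0 128 127.0.0.1:8989 0.0.0.0:*
LISTEN 0 128 100.64.0.5:22 0.0.0.0:*
LISTEN 0 4096 [::]:8096 [::]:*
LISTEN 0 128 [::1]:7878 [::]:*
"""

def parse_listeners(ss_output):
    """Yield (bind_address, port) for each LISTEN line of `ss -tlnH`."""
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        # Drop IPv6 brackets and any %interface scope suffix.
        yield host.strip("[]").split("%")[0], int(port)

def covers(bind, target):
    """True if a socket bound to `bind` accepts connections sent to `target`."""
    if bind == "*":  # ss prints * for a dual-stack wildcard socket
        return True
    addr = ipaddress.ip_address(bind)
    return addr.version == target.version and (addr.is_unspecified or addr == target)

def audit(ss_output, tailscale_ip):
    """Map each listening port to whether it is reachable via tailscale_ip."""
    target = ipaddress.ip_address(tailscale_ip)
    ports = {}
    for bind, port in parse_listeners(ss_output):
        ports[port] = ports.get(port, False) or covers(bind, target)
    return ports

if __name__ == "__main__":
    # On a real host, feed in the output of `ss -tlnH` and `tailscale ip -4`.
    for port, ok in sorted(audit(SAMPLE_SS, "100.64.0.5").items()):
        print(port, "reachable over Tailscale" if ok else "NOT bound to Tailscale address")
```

A port that shows as reachable because of a `0.0.0.0` bind is listening on every interface of the host, not just the Tailscale one, so the same output is worth reading for services exposed more widely than intended.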

    • mrnobody@reddthat.com
      6 hours ago

      How did you config tail scale though? Are you using some Apple or MS author account? I want to stay away from using one of their services to “authorize” connecting to my own server

      • StrawberryPigtails@lemmy.sdf.org
        5 hours ago

        > Are you using some Apple or MS author account?

        Google and Github SSO were the only options when I originally set up tailscale. There are a few more options now including what looks like every self-hosted OIDC provider I’ve ever heard of, and a few I hadn’t.

        > How did you config tail scale though?

        There are a couple options depending on how you are using it. Most of the time I just use the tailscale command to configure each node.

        Most systems were just sudo tailscale up --ssh to get it up and running, although I have one system set up as a subnet router to give me outside-the-house access to systems that I can’t put tailscale on. That was a little more involved but it was still pretty straightforward and well documented. Their documentation is actually very well written and is worth the read.