Would love to hear what I may have missed!
DDNS with port forwarding on DSM HTTPS port only. I have changed the ports used for DSM from the defaults as recommended. Since implementing TailScale, I have been considering closing some of the other methods off as TailScale appears to be the better alternative.
Tailscale was a game changer. Super light-weight vpn that just works and is super easy to implement.
Twingate … though I just spun up a Tailscale connection. One aggravation with Twingate is it makes you authenticate on every reboot/shutdown. Not huge issue for a tech guy, but aggravates my non-technical users that I’m backing up.
Any reason why you guys are using Tailscale instead of OpenVPN?
Tailscale is based on WireGuard: it just makes it simple to configure everything, and it adds the possibility of establishing end-to-end encrypted channels from pretty much everywhere, without opening any port on your router (using their servers). Out of the box you get a mesh network, where all your devices see each other, but nothing is exposed to the Internet (though you have that option, using funnels).
Finally, just talking about WireGuard, it is a much more modern protocol than OpenVPN: it is significantly faster, smaller, and easier to secure.
If you like the idea of Tailscale, but you are not comfortable using their servers, take a look at Headscale, which is an open-source implementation where you have to use your own servers.
Thank you for the feedback @taglia !
I was just trying Tailscale, but I’m still having an issue with Synology Photos, I can’t play videos due to an invalid certificate, and the app is asking me toggle “Play video via HTTP”, the thing is that my port 5000 is not open, and I would like to still play those video through the VPN.
Do you have any idea on how to fix it?
Thank you
You can enable HTTPS through Tailscale, all without opening ports to the Internet. Take a look at this guide. I have been using that for several months, and it all works flawlessly on port 5001.