Well, I did it. No more port forwarding through my UniFi UDM Pro. Just Tailscale running on my Ubuntu server (along with Roon Core, HQPlayer, SongKong, dnsmasq, other stuff). It’s advertising LAN routes too - for both my primary home and the second home I have set up with a UniFi site-to-site “magic” VPN. As well as working as an exit node. Tbh I never would have figured all that out without the impetus to close my frequently scanned Roon & Plex ports. So now, I lie in a hotel in Singapore listening to the Esbjörn Svensson Trio via Qobuz reliably streaming to my core in the States, and onward to ARC on my iPhone.
Plus, Tailscale is a far better VPN for security purposes; I’m even going to give it a try when I’m in China next week to see if it will get me around the Great Firewall. (I’ll admit I bought an Airalo Chinacom eSIM as a backup). It’s much more transparent to leave “always on” and turn off when I’m, say, streaming video - vs other VPNs whose clients make me turn them on when I want security and think about it. This model is just better.
So thanks folks here who inspired me to give it a try. Learned about routes and advertising them, routing conflicts (with my always-on site-to-site VPN) and resolving them, and closed me some ports. All good stuff!
You may (not) know this, but the built-in VPN server solutions on the UDMP will accomplish the same thing (WireGuard, Teleport, …). Outcome is the same, just one step less to get there.
Yes I just simply prefer the experience of Tailscale on iOS, iPadOS, and macOS - it’s kind of “on until I want it off” and stays more consistently persistent across WiFi/cell/ethernet connection changes and renegotiates more transparently vs say Teleport or WireGuard, which are off until they are on and I find get turned off for a bunch of reasons.
I do use built-in for site-to-site and think Teleport is incredible. But I’m learning more.
I agree with @Johnny_Ooooops on Tailscale vs UniFi. I manage 3 sites with UniFi, including Site Magic. All good, but Tailscale extends much better to mobile uses with Mac, iPads, and Android phones. I can be driving down the highway with my Tailscaled Pixel 8 Pro talking ARC to one of my Roon servers, with minimal fuss.
Can’t comment on Tailscale as I never tried it out. I am currently using WireGuard on iPhones and Macs. It works with the flip of a switch. Can’t see it getting easier than that.