For quite some time I have been looking for a way to remotely connect to devices in my home network in a reliable and safe manner. My main goal was to stream music from my Logitech/Lyrion Media Server (LMS). I discovered a lot of different solutions during my research, including Open VPN, Wiregurad, Fritzbox with myfritz, port forwarding, DynDNS, Portmappers, SSH-Tunneling and others. All of them work to some extent, but not without producing new problems including the need for an assigned IPv4 address, the inability to use IPv6 from the network my device was connected to, safety issues and other minor and major annoyances.
Being absolutely certain that there must be a user friendly, easy, secure and reliable solution out there I kept looking until I finally found it: Tailscale is offering all of the above and does so even for free.
Along the way I realized that there are a lot of people looking for reliable remote access to LMS and other services in their home network while the necessary information is scattered along several sites, blogs and messaging boards. Thus I decided to collect all the info at one place so that you can stream your music everywhere via LMS, too.
There are a few prerequisites though:
If all of the above is true, the next steps are easy. If you need to get familiar with one or more of these things, there are a lot of resources that you can find with some googleing.
Step 1: Setting up the Tailscale Subnet Router
First you need to set up your Tailscale account: login.tailscale.com/login.
To make use of Tailscale in the way I am describing you then need to set up a device that works as a subnet router inside your home network. I went for a Raspberry Pi 3 with Raspberry Pi OS. Installing and setting up Tailscale is done in just a few steps which are described in the Tailscale docs: tailscale.com/download/linux/rpi. You just have to select the correct item in the dropdown menu according to your version of Raspberry Pi OS.
Now you have to set up your Raspberry to work as a Tailscale subnet router. This means that it routes all (or, in this case, some) requests from the connected devices to your home network. There also is an excellent how-to in the Tailscale docs: tailscale.com/kb/1019/subnets/#step-2-connect-to-tailscale-as-a-subnet-router. Basically one line does the trick: tailscale up --advertise-routes=192.168.149.0/24. Be sure to use the according values from your home network for the first three number blocks.
This line tells your subnet router to route only requests to the IP 192.168.149.x (or your own network IP) to your home network. All other requests (and thus, IP addresses) are treated as they normally would be. I also disabled key expiry on my subnet router to prevent it from losing connection every 30 days or so: tailscale.com/kb/1028/key-expiry.
Step 2: Setting up Tailscale on your device
To remotely reach your LMS from your device (let’s say your smartphone) you have to install Tailscale on it. There are apps for every major OS. Once installed you log in to your account and then are able to connect to your Tailscale VPN including your subnet router at home. This means you cannot randomly connect to your LMS with every device but rather have to install Tailscale first and log in. This may sound inconvinient but in my opinion it’s in fact a big advantage because this way only devices that are supposed to can connect to your home network.
Step 3: Accessing your LMS from outside your home network
Once Tailscale VPN is turned on on your phone you can now access your LMS using it’s assigned IP in your home network (e.g. 192.168. 149.27:9000). To be able to stream music to your device it has to be registered with your LMS as a player. On Android I am using SqueezePlayer, on iOS iPeng for this. Both apps are pay-to-use.
You can control playback with the web GUI of LMS, for convienience reasons I use apps as well. For Android I can recommecnt Orange Squeeze, Squeeze Ctrl and Squeezer empfehlen. They’re pay-to-use as well and all have more or less the same functionality but different UI. On iOS I also use iPeng.
This setup works quite well and reliable for me. Only when I am switching networks I experience a short connection losses. I mainly use Tailscale for streaming music with LMS but also for streaming movies via Kodi. In theory also it would also be possible to access a file server, home automation and other local services.
A few remarks at the end: Of course streaming is subject to the upstream of your internet connection at home. At least for music streaming a lower bandwith should suffice. On the receiving end streaming has an impact on your mobile plan. Depending on the format and/or bitrate of your music this can amount to a few gigabytes over time. LMS has a per-player setting for transcoding streams to a lower bandwith if that’s an issue.
With Tailscale’s free plan you can connect up to three users and 100 devices – this should be enough for most private use cases. While there might be more elegant or sophisticated solutions, this in my opinion this is by far the most convinient way while still offering great security.
I hope this short guide has been of help to you and please support one or more of the developers of the excellent apps I mentioned by buying them if you can.