Access Synology NAS from anywhere
Tailscale makes it easy to securely connect to your Synology NAS devices over WireGuard®.
Tailscale is free for most personal uses, including accessing your NAS.
Visit the Synology Package Center (tutorial).
Search for and install the Tailscale app.
Once the app is installed, follow the instructions to Log in using your preferred identity provider. If you don’t already have a Tailscale account, a free account will be created automatically.
Now your Synology NAS is available on your tailnet. Connect to it from your PC, laptop, phone, or tablet by installing Tailscale on another device.
When used with Synology, Tailscale supports these features:
- Web-based login to any supported identity provider.
- Access your Synology NAS from anywhere, without opening firewall ports.
- Share your NAS with designated Tailscale users, using node sharing.
- Restrict access to your NAS using ACLs.
- Use your NAS as a subnet router to provide external access to your LAN. (Currently requires command-line steps.)
- Use your NAS as an exit node for secure Internet access from anywhere. (Currently requires command-line steps.)
Limitations & known issues
The first release of our Synology package (1.9.156) has a few limitations you should be aware of:
If you upgrade Synology from DSM6 to DSM7, you will need to uninstall and then reinstall the Tailscale app. Do not perform the Synology DSM7 upgrade over Tailscale or you may lose your connection during the upgrade.
We always use hybrid networking mode on Synology, which means that if you share subnets, they will be reachable over UDP and TCP, but not pingable.
Other Synology apps cannot make outgoing connections to your other Tailscale nodes yet. Only incoming connections work right now.
Tailscale on Synology currently can do
--accept-routes. This means that if you have other subnet routers, devices on those other subnets will not yet be able to reach your NAS or devices on its local subnet.
Subnet routing and exit nodes can only be configured from the command line right now, not the web GUI.
The Tailscale package configures Synology port forwarding for port 443. This can lead to conflict with other services that also require port 443 like nginx.
We intend to fix all these issues in subsequent releases.
See our Synology tracking issue on GitHub for the latest status on the above issues.
If you run into problems, email us at [email protected] or visit the linked GitHub issues.