In this guide, we’ll explore how to set up a VPN server using a Raspberry Pi with Tailscale, allowing you to securely connect to your home network from anywhere in the world.
Supported Raspberry Pi Models
The following Raspberry Pi models are suitable for this setup:
- Raspberry Pi 4 (recommended for better performance)
- Raspberry Pi 3 Model B+
- Raspberry Pi 3 Model B
Benefits of Using Tailscale
Using Tailscale offers several advantages:
- No Port Forwarding Required: Tailscale establishes connections without the need for port forwarding on your router.
- Easy Setup: Simple installation and configuration process.
- Secure Connections: All traffic is encrypted end-to-end, ensuring security and privacy.
- Cross-Platform Support: Works seamlessly across various devices and platforms.
Step-by-Step Guide
Step 1: Install Tailscale on Raspberry Pi
Update your system:
sudo apt-get update
sudo apt-get upgrade
Install Tailscale:
curl -fsSL https://tailscale.com/install.sh | sh
Start Tailscale and authenticate:
sudo tailscale up
This command will prompt you to visit a URL in your web browser to authenticate your Raspberry Pi with your Tailscale account. Follow the instructions to complete the authentication.
Step 2: Connect to Your Raspberry Pi Using Tailscale
Find your Raspberry Pi’s Tailscale IP address:
tailscale ip -4
This command will show the Tailscale IP address assigned to your Raspberry Pi.
Connect to your Raspberry Pi from your client device: Use an SSH client (like PuTTY on Windows or the terminal on macOS/Linux) to connect to your Raspberry Pi using its Tailscale IP address:
ssh pi@tailscale-ip-address
Replace “tailscale-ip-address” with the actual Tailscale IP address of your Raspberry Pi.
Step 3: Ensure Tailscale Starts on Boot
Enable Tailscale to start on boot:
sudo systemctl enable tailscaled
Reboot your Raspberry Pi to verify:
sudo reboot
TROUBLESHOOTING: IF YOU GET AN ERROR
Step 1: Check Tailscale Connection
Make sure your Raspberry Pi is properly connected to Tailscale:
tailscale status
This command should show your Raspberry Pi as connected to the Tailscale network, along with the other devices in your Tailscale network.
Step 2: Check Firewall Rules
Ensure that there are no firewall rules blocking SSH connections:
sudo iptables -L
Look for any rules that might be blocking port 22 (the default SSH port). If needed, you can allow SSH connections:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Step 3: Check Network Configuration
Verify that your Raspberry Pi is reachable on the network. From another device in your Tailscale network, try pinging your Raspberry Pi:
ping <tailscale-ip-address>
Replace <tailscale-ip-address> with the actual Tailscale IP address.
Step 4: Connect with Verbose Output
Try connecting to your Raspberry Pi with verbose output to see more details about the connection process:
ssh -vvv pi@<tailscale-ip-address>
This will provide detailed output that can help diagnose where the connection is failing.
Step 5: Restart Tailscale
Sometimes, restarting the Tailscale service can resolve connectivity issues:
sudo systemctl restart tailscaled
Step 6: Re-authenticate Tailscale
If all else fails, try re-authenticating Tailscale:
sudo tailscale down
sudo tailscale up
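Troubleshooting Step 2 comes down to rule order: iptables stops at the first matching rule, so an ACCEPT appended with -A after an earlier DROP for port 22 never fires. The added example below (not part of the original guide) reads `iptables -S INPUT` output and reports the first rule that decides a new SSH connection on a given interface; the function name, the tailscale0 interface argument and the sample ruleset are assumptions.

```sh
#!/bin/sh
# Added example: which INPUT rule decides a new SSH connection?
# Interprets only -i, -p, --dport and --ctstate/--state; other matches
# (sources, negation, jumps to custom chains) are ignored.

# ssh_verdict IFACE: read `iptables -S INPUT` output on stdin and print the
# first terminating rule that matches new TCP/22 traffic arriving on IFACE,
# or the chain policy when no rule matches.
ssh_verdict() {
  awk -v iface="$1" '
    BEGIN { policy = "UNKNOWN" }
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      ok = 1; target = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-i" && $(i+1) != iface) ok = 0
        if ($i == "-p" && $(i+1) != "tcp") ok = 0
        if ($i == "--dport" && $(i+1) != "22") ok = 0
        if (($i == "--ctstate" || $i == "--state") && $(i+1) !~ /NEW/) ok = 0
        if ($i == "-j") target = $(i+1)
      }
      if (ok && (target == "ACCEPT" || target == "DROP" || target == "REJECT")) {
        print target ": " $0
        found = 1
        exit
      }
    }
    END { if (!found) print policy ": chain policy" }
  '
}

# Constructed sample: an ACCEPT appended after an existing DROP for port 22.
SAMPLE_RULES='-P INPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

printf '%s\n' "$SAMPLE_RULES" | ssh_verdict tailscale0
```

On the Pi, feed it the live rules with `sudo iptables -S INPUT | ssh_verdict tailscale0`.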
CONNECT YOUR OUTSIDE-NETWORK DEVICES (LET’S SAY ANDROID)
Step 1: Install Tailscale on Your Raspberry Pi and Android Device
This section assumes Tailscale is already installed on both your Raspberry Pi and your Android device, and that both are authenticated to the same Tailscale network. If not, follow the installation and authentication steps above, or the app installation steps in the last section of this article.
Step 2: Enable Subnet Routing on the Raspberry Pi
To allow your Raspberry Pi to route traffic from your Android device to its local network, you need to enable subnet routing. This will require you to advertise the subnet that your Raspberry Pi is on.
Find the local subnet of your Raspberry Pi:
ip -4 addr show wlan0
Replace wlan0 with the network interface you are using. Look for the subnet address (e.g., 192.168.1.0/24).
Advertise the subnet with Tailscale:
sudo tailscale up --advertise-routes=192.168.1.0/24
Replace 192.168.1.0/24 with your actual subnet.
Step 3: Enable IP Forwarding on the Raspberry Pi
To route traffic between different networks, you need to enable IP forwarding on your Raspberry Pi.
Enable IP forwarding:
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
Make IP forwarding persistent: Edit the sysctl configuration file:
sudo nano /etc/sysctl.conf
Uncomment or add the following line:
net.ipv4.ip_forward=1
Apply the changes:
sudo sysctl -p
Step 4: Configure Firewall/NAT on the Raspberry Pi
You need to set up Network Address Translation (NAT) to allow devices connected via Tailscale to access the local network.
Set up iptables for NAT:
sudo iptables -t nat -A POSTROUTING -s 100.64.0.0/10 -o wlan0 -j MASQUERADE
Replace wlan0 with the correct network interface.
Make iptables rules persistent: Install iptables-persistent to save iptables rules:
sudo apt-get install iptables-persistent
sudo sh -c "iptables-save > /etc/iptables/rules.v4"
Step 5: Enable Exit Node on Raspberry Pi
To route all traffic from your Android device through your Raspberry Pi (using it as an exit node):
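Enable exit node. tailscale up expects every non-default setting to be restated, so repeat the --advertise-routes value from Step 2:
sudo tailscale up --advertise-routes=192.168.1.0/24 --advertise-exit-node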
If you have any issues turning on exit nodes, follow this article: https://tailscale.com/kb/1103/exit-nodes?tab=linux
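Step 2 above asks for the subnet, but `ip -4 addr show` prints the interface's host address with its prefix length (for example 192.168.1.37/24), not the network address that goes into --advertise-routes. The added example below (not part of the original guide; the function names and the sample output are constructed) derives the network CIDR for any prefix length, not only /24.

```sh
#!/bin/sh
# Added example: derive the network CIDR for --advertise-routes from the
# host address that `ip -4 addr show` prints. Function names are illustrative.

# to_int A.B.C.D -> 32-bit integer
to_int() (
  IFS=.
  set -- $1
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# to_ip N -> dotted quad
to_ip() {
  echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# network_cidr HOST/PREFIX -> NETWORK/PREFIX (fails on a malformed prefix)
network_cidr() (
  addr=${1%/*}
  prefix=${1#*/}
  case $prefix in ''|*[!0-9]*) exit 1 ;; esac
  [ "$prefix" -le 32 ] || exit 1
  mask=0
  [ "$prefix" -eq 0 ] || mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
  echo "$(to_ip $(( $(to_int "$addr") & mask )))/$prefix"
)

# lan_cidr: read `ip -4 addr show <iface>` output on stdin and print the
# network CIDR of the first inet line.
lan_cidr() (
  host=$(awk '$1 == "inet" { print $2; exit }')
  [ -n "$host" ] || exit 1
  network_cidr "$host"
)

# Constructed sample of `ip -4 addr show wlan0` output.
SAMPLE_IP_OUTPUT='3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    inet 192.168.1.37/24 brd 192.168.1.255 scope global dynamic noprefixroute wlan0
       valid_lft 85012sec preferred_lft 74212sec'

printf '%s\n' "$SAMPLE_IP_OUTPUT" | lan_cidr   # 192.168.1.0/24
network_cidr 10.20.37.200/20                   # 10.20.32.0/20
```

On the Pi, run it against the live interface with `ip -4 addr show wlan0 | lan_cidr`.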
Final Step: Connect Devices to Tailscale Network
Install the Tailscale app on your devices (Windows, macOS, Linux, Android, iOS):
Installing Tailscale App
Windows, macOS, Linux
- Download the Tailscale installer from Tailscale’s website.
- Follow the installation instructions provided by Tailscale.
- Log in to your Tailscale account after installation.
- Connect to your Tailscale network.
Android
- Open the Google Play Store.
- Search for “Tailscale” and install the app.
- Log in with your Tailscale account credentials.
- Tap on your network and connect.
iOS
- Open the App Store.
- Search for “Tailscale” and install the app.
- Launch the app and log in with your Tailscale account.
- Tap on your network to connect.
Connecting to Tailscale Network
After installing the app:
- Log in with your Tailscale account credentials.
- Select your network and click or tap to connect.
- Once connected, you’ll have secure access to your home network from anywhere in the world.
Now that your devices are connected to the Tailscale network, you can seamlessly access your home network’s resources. Next, we’ll explore how to securely access local devices and services using this setup.
