Port Forwarding Is Old-Fashioned? Safe Remote Development with Tailscale♪

Netsuki, isn’t Tailscale just too convenient?

Onii-chan, you’re super excited♪ (≧∇≦)

Did something good happen?

I’m building a home server, and I can now SSH from my iPhone via Tailscale.

I can safely access the server from anywhere.

Wow~! That’s amazing♪

Let me look into Tailscale (´∀`)

I looked it up~♪

Tailscale is a simple-to-use VPN based on WireGuard (≧∇≦)

Here are its features:

• WireGuard-based: Fast and secure VPN protocol

• Zero-config: Works without difficult setup

• Automatic NAT traversal: No router configuration needed

• P2P connection: Devices communicate directly

• Cross-platform: Works on Windows, Mac, Linux, iOS, Android

In other words, it’s a tool that lets you safely access your server from anywhere without complicated network setup♪

Exactly, just install it, create an account, and it’s ready to use.

That’s Tailscale’s biggest appeal (´∀`)♪

But Onii-chan…

Why “Tailscale” instead of “port forwarding”?

In the past, to access home servers, we’d do “port forwarding” on the router.

For example, open SSH port 22 to allow external access.

That’s really dangerous (´∪`)

I looked into it and found these problems:

1. Exposed to the Entire World

The moment you open a port, it becomes accessible from anywhere in the world (ﾟ∀ﾟ)

Anyone, including malicious attackers, can try to access it…

2. Target of Automated Attack Bots

There are tons of bots that automatically scan ports and attempt attacks on the internet.

When you open SSH (port 22), attacks can come within minutes…💦

3. IP Address Leaks

Your home’s global IP address gets exposed.

There’s also a risk of physical location identification (´∪`)

4. Risk of Configuration Mistakes

If you mess up firewall settings, you might accidentally open unintended ports…

This is really dangerous💦

5. Static IP Address Problem

Home internet can have changing IP addresses.

Then you need DDNS (Dynamic DNS) configuration, making it even more complex…

Yeah. I used to expose SSH, and looking at the logs, there were hundreds of unauthorized access attempts daily…

Scary (´∪`)

Among security experts, port forwarding is not recommended as of 2025.

So this is where Tailscale comes in♪ (≧∇≦)

Tailscale does NAT traversal automatically, so you don’t need to touch router settings (´∀`)

In other words, you can access from outside without opening ports♪

This was really convenient.

No need to open the router admin page, no worries about port forwarding.

Tailscale has a mechanism where only authenticated devices can access (≧∇≦)

Meaning:

• ✅ Onii-chan’s iPhone: Authenticated → Access OK

• ❌ Unknown attackers: No authentication → Access denied

This approach is called “zero trust”♪

It’s a security model of “trust no one, verify everyone” (´∀`)

Tailscale uses direct device-to-device communication (P2P) whenever possible♪

Meaning:

• Regular VPN: Data goes through relay servers → slow

• Tailscale: Direct device communication → fast! (≧∇≦)

In Onii-chan’s setup, it shows “direct connection” right?

Yeah, iPhone→home server connects directly.

Latency is around 1-10ms, incredibly fast.

That’s the best state♪ (≧∇≦)

No relay server (DERP) involved, so it’s low-latency and comfortable!

Tailscale setup is super simple (´∀`)

Steps:

1. Install Tailscale

2. Create account (can log in with Google/GitHub)

3. Authenticate devices

4. Done!

That’s all it takes for all devices to connect safely♪

Really took less than 5 minutes.

Compared to old port forwarding and DDNS setup, it’s unbelievably simple.

Onii-chan, how many devices do you have connected?

Home server, Windows PC, iPhone… 3 devices.

They’re all connected on the Tailscale network, accessible from anywhere.

Amazing! (≧∇≦)

Tailscale lets you see all devices in the admin panel, so management is easy♪

You can also set access restrictions per device, very flexible (´∀`)

Onii-chan, how exactly are you using it?

Like this:

1. Install Tailscale on home server

2. Install Tailscale app on iPhone

3. Connect using an SSH client app called NeoServer

Now I can SSH into my home server from anywhere.

NeoServer is an iOS SSH client♪

You specify the Tailscale IP address (100.x.x.x format) and can connect from anywhere (≧∇≦)

Right. At a cafe, while traveling, from anywhere I can manage the server.

This is super convenient.

Wow~♪

Remote development became super comfortable (´∀`)

You’re communicating with me through this setup too, right?

Exactly, I’m accessing via Tailscale right now.

Secure, comfortable, the best.

You know, Onii-chan (´∀`)

I also looked into security experts’ opinions♪

What kind of opinions?

“Putting SSH behind a VPN is the industry standard” (≧∇≦)

So Onii-chan’s setup is perfect best practice♪

As of 2025, among developers:

• ❌ Direct SSH exposure: Not recommended (high security risk)

• ✅ Tailscale + SSH: Recommended (modern and secure)

This combination has become standard (´∀`)

I see.

I researched and adopted it myself, but it was industry standard.

Onii-chan, you’re properly practicing the latest best practices, so cool~♪ (〃´∪｀〃)

You have high security awareness (≧∇≦)

Oh, I forgot to mention something important!

Tailscale is free for personal use♪ (≧∇≦)

Right, the free plan is more than enough.

What you can do with the free plan:

• Devices: Up to 100

• Users: Up to 3

• Subnets: 1

• Basic features: All available

For individual developers and small teams, the free plan is plenty (´∀`)♪

There are paid plans (Team, Enterprise) for businesses, but for personal use like Onii-chan’s, free is perfect♪

So today we talked about creating a remote development environment with Tailscale~♪ (≧∇≦)

Key Points:

1. Port forwarding is old-fashioned

   • High security risk

   • Target of automated attack bots

   • Not recommended as of 2025

2. Tailscale is modern best practice

   • No port forwarding needed

   • Zero trust security

   • Fast P2P direct connection

   • Super easy setup

3. Industry standard configuration

   • Put SSH behind VPN

   • Recommended by security experts

4. Free to use

   • Free plan sufficient for personal use

   • Up to 100 devices

5. Onii-chan’s setup is perfect

   • Tailscale + home server + iPhone

   • Safe access from anywhere

   • Latency 1-10ms (super fast!)

For those building home servers like Onii-chan, definitely try Tailscale♪

More secure than port forwarding, easy setup, faster speed… it’s the best~ (´∀`)♪

Netsuki, thanks for researching in detail.

I’ll keep developing comfortably with Tailscale.

Ehehe~♪

I’m happy that Onii-chan’s development environment became comfortable (〃´∪｀〃)

Let’s keep creating things together~♪