Connecting remote Chromecast without subnet router?

So, one of my recent projects has been to add to my little personal tailnet to allow my wife’s mother to watch media stored on our home Plex instance. The issue with this, unfortunately, is that this means making them available to a Chromecast. Making them available only to the device doing the casting isn’t enough, obviously, because that device passes the stream location over to the Chromecast which then takes it from there.

(And we can’t install Tailscale on a Chromecast. Yet.)

The way I have figured out to do this is install a Pi-as-router on her network, then have it act as a subnet router to allow the Chromecast to communicate with the tailnet, locked down with an ACL that allows it and the network behind it access only to Plex and DNS services. While this works well enough, it seems a mite… extravagant to use a subnet router just to make one device work, and I’d really prefer not to if there’s a better way of doing this.

Is there?

Without exposing your plex-server to the WWW, i dont think there is another way.
I’d do the same what you did, with a router on the lan-network who is doing the routing to the tailscale network.

is there a reason, other than security, that you don’t use plex remote access?

No, it’s pretty much security. I’ve been noticing an increasing number of failed connection/cracking attempts on various exposed services of mine recently, and while I haven’t had a break-in, it is… irritating. So I’m thinking about ways of moving everything that doesn’t actually need to be exposed to the whole Internet to my tailnet.

The latest chromecast (the one with GoogleTV) supports the Tailscale app. It is available in the Google store. I have upgraded for this reason to the latest chromecast.

I use it sometimes to connect via Tailscale to my media server at home.