Jump to content

[Plugin] Tailscale

EDACerton

By EDACerton
in Plugin Support

Recommended Posts

Recommended

Posted by EDACerton,

Common Issues I can't access the WebGUI after logging in to Tailscale This is usually caused by enabling the "Use Tailscale Subnets" feature. This feature isn't needed for most installs. Usually, if this happens the WebGUI is still accessible via the Tailscale IP/name. Try connecting via that address, then disable "Use Tailscale Subnets". If you don't know the Tailscale IP for your server, you can get it from ano
Recommended by EDACerton
  • Thanks
  • Like

6 reactions

Go to this post
  • Replies 959
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

EDACerton
EDACerton

Tailscale     Tailscale is a VPN service that makes the devices and applications you own accessible anywhere in the world, securely and effortlessly. The service handles complex netw

EDACerton
EDACerton

Common Issues I can't access the WebGUI after logging in to Tailscale This is usually caused by enabling the "Use Tailscale Subnets" feature. This feature isn't neede

EDACerton
EDACerton

2023.05.25b Update Tailscale to 1.42.0 Add Tailscale web interface to Settings page Add page for Tailscale / plugin logs Switch Taildrop implementation to use native Unrai

Posted Images

EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
12 minutes ago, Jozodr said:

well, servers are not in same location.

I don’t think you’re understanding my question. 
 

There are two different ways to access SSH via Tailscale. 
 

You can install Tailscale, leave “Tailscale SSH” off, and then connect to SSH using Unraid user/pass. 
 

You can alternately turn “Tailscale SSH” on, which replaces the built-in Unraid SSH server with one that uses Tailscale grants to control access. 
 

Tailscale SSH has its use cases, but is more complex to manage. What are you hoping to accomplish by using that alternative functionality?

Link to comment
Jozodr Noob

Jozodr

Posted
Posted

Thanks for clarifying this aspect, makes sense and I should read the documentation more slowly.

While setting up tailscale on my servers I enabled ssh in admin console and forgot it. Obviously if I have red the explanation how this works I would go into the rabbit hole of ACLs.

Thanks for your help, much appreciated!

Link to comment
EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
7 hours ago, spyrosj said:

I've got a weird issue where I cannot access SMB from the server's tailscale IP but can resolve it by removing "tailscale1" from "include listening interfaces" in the Network Settings and adding it again. I've attached my diagnostics.

Tower-tailscale-diag-20240909-144937.zip 229.1 kB · 1 download

Thanks for the diagnostics... if you update to the latest release (2024.09.09), that issue should be fixed.

Link to comment
Goldmaster Explorer

Goldmaster

Posted
Posted (edited)

Well here's something very strange is that I disabled netbios as per the banner to be able to access shares when on talescale and I can access shares on Windows devices, but not on android no matter what file app I use, I can't access unraid shares whether I am using talescale or not.

I have found that the share does not show, but if i put in the ip address and as guest can then browse. not sure what's going on here or why turning off netbios has done that.

Edited by Goldmaster
no password needed
Link to comment
Raul Perte Noob

Raul Perte

Posted
Posted

My previous solution does no longer work. Since I migrated from the Docker to the plugin, do I need to run the `tailscale up --accept-routes=false --advertise-exit-node --advertise-routes=192.168.0.0/24,192.168.1.0/24` each time? 

I previously was able to use 192.168.0.1 from the mobile phone, but now I can't. Thanks for your help!

Link to comment
EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
4 hours ago, Raul Perte said:

My previous solution does no longer work. Since I migrated from the Docker to the plugin, do I need to run the `tailscale up --accept-routes=false --advertise-exit-node --advertise-routes=192.168.0.0/24,192.168.1.0/24` each time? 

I previously was able to use 192.168.0.1 from the mobile phone, but now I can't. Thanks for your help!

You only need to run the command once. Remember to approve the route in the Tailscale admin console. The plugin is effectively a "new" computer from Tailscale's perspective, so the approval for the docker container doesn't get copied over.

Link to comment
Raul Perte Noob

Raul Perte

Posted
Posted
4 hours ago, EDACerton said:

You only need to run the command once. Remember to approve the route in the Tailscale admin console. The plugin is effectively a "new" computer from Tailscale's perspective, so the approval for the docker container doesn't get copied over.

That is what I did. However, something is wrong because I cannot access the LAN IPs anymore, even though the nodes are advertised and are approved in Tailscale Admin. 

Link to comment
Grohmand Noob

Grohmand

Posted
Posted

I installed it on the server and I do not have tailscale subnets on, but I noticed that I can no longer connect to server through it's' normal IP, and I can ping the tailscale IP but no web interface. The only differences compared to before is I have CGNAT here and I am wondering if tailscale is conflicting? Even though it's working fine on another PC here, is there any troubleshooting steps I can take? 

Link to comment
EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
11 hours ago, Raul Perte said:

Attached! Thanks for your help, once again.

diags.zip 250.43 kB · 0 downloads

Something is weird in your diagnostics... the "tailscale status" is blank, and I don't see any IPv4 entries from Tailscale in your routing table.

 

I'd try this:

  1. Run "Erase Configuration" in the Tailscale settings.
  2. Delete the server from the Tailscale admin console.
  3. Restart the server
  4. Log in again and re-advertise the routes.
Link to comment
Grohmand Noob

Grohmand

Posted
Posted
17 hours ago, Grohmand said:

I installed it on the server and I do not have tailscale subnets on, but I noticed that I can no longer connect to server through it's' normal IP, and I can ping the tailscale IP but no web interface. The only differences compared to before is I have CGNAT here and I am wondering if tailscale is conflicting? Even though it's working fine on another PC here, is there any troubleshooting steps I can take? 

To add on to this, I can only regain access back to the machine by wiping the authentication from Tailscale and rebooting my server losing diagnostics logs in the process, would any additional information help from network settings? I tried to run nmap and all ports seem closed on tailscale IP and the other IP just seems inaccessible to ping or even access after tailscale gets turned on. 

Link to comment
EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
2 hours ago, Grohmand said:

To add on to this, I can only regain access back to the machine by wiping the authentication from Tailscale and rebooting my server losing diagnostics logs in the process, would any additional information help from network settings? I tried to run nmap and all ports seem closed on tailscale IP and the other IP just seems inaccessible to ping or even access after tailscale gets turned on. 

I'd try the steps in the post right above this one to start.

 

If that doesn't work, and you have access to the server itself:

  1. Install the "Plugin Diagnostics" app from CA.
  2. Break the server
  3. Log in using a keyboard, then run "plugin-diagnostics tailscale"

That will put a diagnostics file in /boot/logs/ that you can retrieve after the server is working again.

 

Link to comment
Grohmand Noob

Grohmand

Posted
Posted
3 hours ago, EDACerton said:

I'd try the steps in the post right above this one to start.

 

If that doesn't work, and you have access to the server itself:

  1. Install the "Plugin Diagnostics" app from CA.
  2. Break the server
  3. Log in using a keyboard, then run "plugin-diagnostics tailscale"

That will put a diagnostics file in /boot/logs/ that you can retrieve after the server is working again.

 

I don't currently have a monitor or cable to do the other option, but resetting and then step 4 is just logging in again right did nothing. I can try reboot after the server breaks without removing tailscale device and see if it's same behavior also. Do you have any other ideas I could try? I will try get physical screen access 

Link to comment
Grohmand Noob

Grohmand

Posted
Posted (edited)

So to add on to this after rebooting it I can access it through tailscale and I see tailscale1 added in listening interfaces, but I can't access the network interface or atleast web interface locally anymore, is this intended or is there a way for me to do so anyways? I also tried with SSH, through tailscale both works. 

I will attach diagnostics once I get back home as the server is possibly to be accessed now. 

 

If I enable ipv6 it works with ipv6 but not ipv4. 

Edited by Grohmand
Link to comment
Kibi Noob

Kibi

Posted
Posted

Hello,

I've installed the Plugin with the Spaceinvader One Part 1 video. I've added subnets and everything is working fine. The only problem is, if I try to connect to the unraid webui, I have to write the port into the Browser. Without the port there is no connection. What was my mistake? If I try on the Docker page to connect to a WebUI of a Docker, it works.

Link to comment
EDACerton Enthusiast

EDACerton

Posted
  • Author
Posted
2 hours ago, Kibi said:

Hello,

I've installed the Plugin with the Spaceinvader One Part 1 video. I've added subnets and everything is working fine. The only problem is, if I try to connect to the unraid webui, I have to write the port into the Browser. Without the port there is no connection. What was my mistake? If I try on the Docker page to connect to a WebUI of a Docker, it works.

This sounds like normal behavior. Do you normally need to add a port to conect to the Unraid UI?

Link to comment
Aldamir Rookie

Aldamir

Posted
Posted (edited)

I tested mobile (Android 14) with Firefox, on Macbook (maxOS 14.6.1 (23G93) with Firefox and Safari, on Linux Mint 22.

Also got the error in the attached image..

Screenshot 2024-09-22 at 14.02.38.png

But i will probably just roll back to a stable unraid version :)

UPDATE: Well i downgraded to 6.12.13 and still have the issue, see the second image...
 

Thanks for any idea and help! :)
 

Screenshot 2024-09-22 at 14.11.29.png

Edited by Aldamir
Link to comment
fir3drag0n Rookie

fir3drag0n

Posted
Posted (edited)

Hi,

 

My unraid DNS settings are always overwritten by tailscale, how to resolve that?

 

After some time, I always have the problem that my "resolv.conf" in unraid gets overwritten by tailscale.

 

Thus, resulting that the apps store is not available anymore or that docker container updates are failing, etc.:

  

# resolv.conf(5) file generated by tailscale
# For more info, see https://tailscale.com/s/resolvconf-overwrite
# DO NOT EDIT THIS FILE BY HAND -- CHANGES WILL BE OVERWRITTEN

nameserver 100.100.100.100
search example.com

 

How to prevent that? I am using the tailscale plugin and the headscale docker container.

 

A fix is that I have to manually change the dns server in the webinteface, but I want to prevent that.

Edited by fir3drag0n
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...