[Plugin] Tailscale

[Jozodr]

well, servers are not in same location.

[EDACerton]

12 minutes ago, Jozodr said:

well, servers are not in same location.

I don’t think you’re understanding my question. 
 

There are two different ways to access SSH via Tailscale. 
 

You can install Tailscale, leave “Tailscale SSH” off, and then connect to SSH using Unraid user/pass. 
 

You can alternately turn “Tailscale SSH” on, which replaces the built-in Unraid SSH server with one that uses Tailscale grants to control access. 
 

Tailscale SSH has its use cases, but is more complex to manage. What are you hoping to accomplish by using that alternative functionality?

[Jozodr]

Thanks for clarifying this aspect, makes sense and I should read the documentation more slowly.

While setting up tailscale on my servers I enabled ssh in admin console and forgot it. Obviously if I have red the explanation how this works I would go into the rabbit hole of ACLs.

Thanks for your help, much appreciated!

[spyrosj]

I've got a weird issue where I cannot access SMB from the server's tailscale IP but can resolve it by removing "tailscale1" from "include listening interfaces" in the Network Settings and adding it again. I've attached my diagnostics.

Tower-tailscale-diag-20240909-144937.zip

[EDACerton]

7 hours ago, spyrosj said:

I've got a weird issue where I cannot access SMB from the server's tailscale IP but can resolve it by removing "tailscale1" from "include listening interfaces" in the Network Settings and adding it again. I've attached my diagnostics.

Tower-tailscale-diag-20240909-144937.zip 229.1 kB · 1 download

Thanks for the diagnostics... if you update to the latest release (2024.09.09), that issue should be fixed.

[Goldmaster]

Well here's something very strange is that I disabled netbios as per the banner to be able to access shares when on talescale and I can access shares on Windows devices, but not on android no matter what file app I use, I can't access unraid shares whether I am using talescale or not.

I have found that the share does not show, but if i put in the ip address and as guest can then browse. not sure what's going on here or why turning off netbios has done that.

Edited September 11 by Goldmaster
no password needed

[Raul Perte]

My previous solution does no longer work. Since I migrated from the Docker to the plugin, do I need to run the `tailscale up --accept-routes=false --advertise-exit-node --advertise-routes=192.168.0.0/24,192.168.1.0/24` each time? 

I previously was able to use 192.168.0.1 from the mobile phone, but now I can't. Thanks for your help!

[EDACerton]

4 hours ago, Raul Perte said:

My previous solution does no longer work. Since I migrated from the Docker to the plugin, do I need to run the `tailscale up --accept-routes=false --advertise-exit-node --advertise-routes=192.168.0.0/24,192.168.1.0/24` each time? 

I previously was able to use 192.168.0.1 from the mobile phone, but now I can't. Thanks for your help!

You only need to run the command once. Remember to approve the route in the Tailscale admin console. The plugin is effectively a "new" computer from Tailscale's perspective, so the approval for the docker container doesn't get copied over.

[Raul Perte]

4 hours ago, EDACerton said:

You only need to run the command once. Remember to approve the route in the Tailscale admin console. The plugin is effectively a "new" computer from Tailscale's perspective, so the approval for the docker container doesn't get copied over.

That is what I did. However, something is wrong because I cannot access the LAN IPs anymore, even though the nodes are advertised and are approved in Tailscale Admin. 

[EDACerton]

7 hours ago, Raul Perte said:

That is what I did. However, something is wrong because I cannot access the LAN IPs anymore, even though the nodes are advertised and are approved in Tailscale Admin. 

Please post diagnostics from the plugin settings.

[Grohmand]

I installed it on the server and I do not have tailscale subnets on, but I noticed that I can no longer connect to server through it's' normal IP, and I can ping the tailscale IP but no web interface. The only differences compared to before is I have CGNAT here and I am wondering if tailscale is conflicting? Even though it's working fine on another PC here, is there any troubleshooting steps I can take? 

[Raul Perte]

On 9/12/2024 at 4:18 PM, EDACerton said:

Please post diagnostics from the plugin settings.

Attached! Thanks for your help, once again.

diags.zip

[EDACerton]

11 hours ago, Raul Perte said:

Attached! Thanks for your help, once again.

diags.zip 250.43 kB · 0 downloads

Something is weird in your diagnostics... the "tailscale status" is blank, and I don't see any IPv4 entries from Tailscale in your routing table.

 

I'd try this:

1. Run "Erase Configuration" in the Tailscale settings.
2. Delete the server from the Tailscale admin console.
3. Restart the server
4. Log in again and re-advertise the routes.

[Grohmand]

17 hours ago, Grohmand said:

I installed it on the server and I do not have tailscale subnets on, but I noticed that I can no longer connect to server through it's' normal IP, and I can ping the tailscale IP but no web interface. The only differences compared to before is I have CGNAT here and I am wondering if tailscale is conflicting? Even though it's working fine on another PC here, is there any troubleshooting steps I can take? 

To add on to this, I can only regain access back to the machine by wiping the authentication from Tailscale and rebooting my server losing diagnostics logs in the process, would any additional information help from network settings? I tried to run nmap and all ports seem closed on tailscale IP and the other IP just seems inaccessible to ping or even access after tailscale gets turned on.