What's new

TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (THREAD #1 CLOSED)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Btw, does anyone know how to (re?)enable the ability to access the router ui using router ip address? It now doesn't work for me unless I enter the router tailscale address instead of the 192.168.x.1 address. Very strange. No other vpn acts this way.
I had exactly this problem.
I solved it by removing the "--advertise_routes" option as I didn't want it anyway.
But I realize this will defeat the whole point of using Tailscale for many people.
 
Reboot notification works great:
Code:
WARNING: TAILMON has detected that the router may have rebooted or was restarted. TAILMON.
has reset the service, and reestablished a connection to your Tailnet. Please investigate if this
behavior continues to persist.


Btw, does anyone know how to (re?)enable the ability to access the router ui using router ip address? It now doesn't work for me unless I enter the router tailscale address instead of the 192.168.x.1 address. Very strange. No other vpn acts this way.

Thanks,
Rung
For me it was making sure it's in userspace mode. If you're in kernel mode, you have to advertise that it's a webserver and specify address and port. Those instructions are in this thread...
 
@Viktor Jaep , just installed 17b on 2 routers (both on a different WAN). I was using Custom.
Changed to Kernel, added the enable “accept-routes” on both.

Worked like a charm.

:)
 
Great, good start :).

Also good.

Plug one in please, you need it for entware, which is in turn needed for Tailscale/TAILMON. You can format it from amtm's (fd) script.

Optware is just a package manager, like Entware. I believe Optware is also installed to a USB, but I do not know for sure, as I have never used Optware TBH.

However as you wrote (above), this line (that follows), I assumed you had both the DownloadMaster and Optware installed...

"But Asus vrrsion of Optware which is DownloadMaster needs to be unistalled first???$#%%"; typos left in for authenticity... :)

No biggy; if you have reset your Router, jffs will be clear and amtms' (fd) will format the Disk "as new" so any Optware that might have been on it will be gone now. I believe (not 100% sure) that that Optware package manager is normally installed to a USB disk (not the Router), but if you never installed it, it won't be there and really it doesn't matter as you're about to format it.

Yes; Entware does reside on the USB (is needed by the Tailscale Install), which is why you need one and need to format it as above.

k.
Hi All,
Any suggestions on purchase of new Asus Router? I figure if Im going through all this I might as well upgrade to a decent router.
Thanks
Ratfink
 
Hi All,
Any suggestions on purchase of new Asus Router? I figure if Im going through all this I might as well upgrade to a decent router.
Thanks
Ratfink
The GT-AX6000 and RT-AX88_Pro both get top marks from pretty much all forum members. @RMerlin recently announced support for 3 new beefy routers depending on if you're in the Americas or Europe... the RT-BE96U, GT-BE98_PRO (Americas) and GT-BE98 (by Gnuton/Europe).... but they come with a hefty price tag. ;)
 
Last edited:
Tailscale 1.68.0 is out.

After updating (in TAILMON) I was unable to get it up and running (via TAILMON), but a simple "tailscale up" on the command line worked fine...
 
Tailscale 1.68.0 is out.

After updating (in TAILMON) I was unable to get it up and running (via TAILMON), but a simple "tailscale up" on the command line worked fine...
Ugh. Does it show any messages/errors?
 
For me it was making sure it's in userspace mode. If you're in kernel mode, you have to advertise that it's a webserver and specify address and port. Those instructions are in this thread...
SmartSelect_20240612_150511_Termux.jpg
Screenshot_20240612_150648_Termux.jpg


I think my configuration matches what you said should work. What other variables should I check? Using Android tailscale client. Everything is updated to latest version I believe.

Note it appears ssh works but not web access. Very strange.

Thanks,
Rung
 
View attachment 59404View attachment 59405

I think my configuration matches what you said should work. What other variables should I check? Using Android tailscale client. Everything is updated to latest version I believe.

Note it appears ssh works but not web access. Very strange.

Thanks,
Rung
That looks right... Are you trying to access it with http or https? I just tried it from my phone as I'm currently remote, and was able to get to both ssh and http with the private IP of the router.
 
Tailscale 1.68.0 is out.

After updating (in TAILMON) I was unable to get it up and running (via TAILMON), but a simple "tailscale up" on the command line worked fine...

Might just be my setup but update works ok for me.
 
Tailscale 1.68.0 is out.

After updating (in TAILMON) I was unable to get it up and running (via TAILMON), but a simple "tailscale up" on the command line worked fine...
Just updated my main router remotely (yeah I like living on the edge!)... but I had no issues to report. It updated/downloaded, and restarted the service without issue. No errors. I am running on 1.0.17b1...

1718229871396.png
 
View attachment 59404View attachment 59405

I think my configuration matches what you said should work. What other variables should I check? Using Android tailscale client. Everything is updated to latest version I believe.

Note it appears ssh works but not web access. Very strange.

Thanks,
Rung
Okay. I have it working after lots of fiddling:

1) Made the router an exit node
2) Approved exit node on the control panel
3) Added the router ip as a dns server on control panel
4) Check off "override local dns" on control panel

Not sure why all that was needed but perhaps the ui needs acces to a valid dns and the internet to work remotely?

Rung
 
I had exactly this problem.
I solved it by removing the "--advertise_routes" option as I didn't want it anyway.
But I realize this will defeat the whole point of using Tailscale for many people.
Hi, did you mean you solved it by removing the "--advertise-routes" option or "--accept-routes" option (via "--accept-routes=false").

I must admit this issue bugs me a wee bit as I also like to access my local LAN devices via local IPs and not Tailscale's IPs, so I've done a wee bit of reading about it and while it's way more than my feeble brain can comprehend, nonetheless, I have a few comments and possible workarounds to share:

TLDR; there appear to be a few possible solutions: for you and @rung, until Tailscale sort out an easier solution.
  1. Per @Viktor Jaep

    (i) Use Userspace mode: "Just plain userspace mode with no frills. I can get to my router both via http and ssh using the private IP."; does not seem to have worked for @rung though.
    (ii) For Kernel mode: As noted by Viktor "If you're in kernel mode, you have to advertise that it's a webserver and specify address and port. Those instructions ..." to use the tailscale serve command are as provided here by @Rajjco.

  2. Temporarily disable accept-routes by issuing "--accept-routes=false" either via the CLI or as a custom command in TAILMON. Short term solution only though.

  3. Per GitHub suggestion, change the priority of the subnets so they are marginally lower than your local LAN:

    e.g. if your local LAN is 192.168.50.0/24 and the two LANs you want to set up as site-to-site were originally say 192.168.50.0/24 and 192.168.1.0/24, then change these subnets in TAILMON to 192.168.50.0/23 and 192.168.1.0/23. You will be able to access your local LAN on 192.168.50.1 etc as it is higher priority. You will need to set up the two subnets in custom mode if you want to do it in TAILMON.
  4. Per Tailscale Website (Linux only), add an ip rule (via the CLI) specifying the priority i.e.

    ip rule add to 192.168.x.x/24 priority 2500 lookup main; This seems to be more for OpenWRT?

    Also from Github "Add a higher-priority rule to route the subnets via the local table:"

    ip rule add to 10.51.1.0/24 priority 5000 table main

    which is a similar solution to the Tailscale Website's one.
  5. Per Tailscale Website, use Exit Nodes ((C)ustom Option (4) " Configure this Router as Exit Node" and then toggle Allow LAN Access on with

    --exit-node-allow-lan-access=true

    Y
    ou should be able set this command up in TAILMON using custom commands (Tailscale Connection Commandline).
  6. For Windows users, from a Powershell Window, issue:

    Set-NetIPUnterface -InterfaceAlias "Tailscale" -InterfaceMetric 501
Let us know if any of these works for you. Please report what device you're trying it on as the solutions appear to be different for different platforms.

Long Version

Disclaimer: I don't really understand much (actually any) of this, I just look for patterns of the issues and solutions in Google searches. What I hope to present are simply the same, with links, so folks can see where the above solutions came from and read about it and decide or comment. That's all. You will need expert advice to explain why.

There are 3 main sources of information (i) Github (issues and suggestions); (ii) the Tailscale Forum and (iii) Reddit.
Github seems by far the best source of detail, the others are more "Yep, I'm having that problem too".

I provide the link and a sample extract of what appears to be a similar issue and/or solution

GitHub Issues:
The Github issue number is at the Top of each image:


Tailscale Website and Tailscale Forum:

Reddit
k.

I tried to put all the images inline but limited to 5 so just went to imgur groups.

btw I cannot offer any support for any of this at all (lack of expertise!) and it's also nothing to do with TAILMON (at the moment at least), so I'm sure that while @Viktor Jaep would be happy to help you with TAILMON, this is way outside its remit :) .
 
Last edited:
Unfortunately not.
I wonder if it's because ours restarted by itself.
Do you have these settings for (1) and (6)?

TS.jpg
 
Last edited:
Hi, did you mean you solved it by removing the "--advertise-routes" option or "--accept-routes" option (via "--accept-routes=false").
I removed the "--advertise-routes" option.
I still use "--advertise-exit-node" option
I also had to do the "--reset" thing to get it working.
 
I wonder if it's because ours restarted by itself.
Do you have these settings for (1) and (6)?

View attachment 59432
I updated mine through the normal u(P)date function, which downloaded, installed and restarted the tailscale binary without issue.
 
Is there a way I can retry this upgrade?

(How) Can I downgrade to 1.66.4 to test this?
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top