Menu
What's new
By:
Filters Better Search

TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (THREAD #1 CLOSED)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

hi everyone, I am new to this forum and I actually would like to find a solution of a three routers access problem I had with VPN access(OpenVPN client and PPTP client). And i read about Tailmon and not sure if this will help me. (Asus AC87U router does not have wireguard, but TP Link AX55 has wireguard server)

Here is my situaion: I have three routers in my home network, TP Link AX 55 connected to cable modem and internet with an USB drive 1, TP Link AX23 connected as a mesh node of TP Link AX 55, Asus AC87U lan port to lan port connected to TP Link AX 55 and disabled NAT DHCP DNS etc. Asus AC87U attached an USB Drive 2

I have TP link enabled with pptp and openvpn server. When I am on home network (either on wifi or wire of TP Link or Asus), I can access Asus USB drive and AX 55 usb drive. But when I am outside the network, I used VPN (either PPTP and OpenVPN client) back to TP Link, I cannot access Asus USB drive but can access TP Link AX 55 USB drive) Is there a way to config the routers to make it work. I researched a lot about this, some say using port forwarding and lan route, but I have no luck with any of these. Please advise, thanks in advance.
 
Anthonywkho said:
I have three routers in my home network, TP Link AX 55 connected to cable modem and internet with an USB drive 1, TP Link AX23 connected as a mesh node of TP Link AX 55, Asus AC87U
Click to expand...
Hi and welcome to the forums.

Given your routers are a combination of ASUS and non-ASUS Routers I think your question might find more results in the Other LAN and WAN forum, maybe @Viktor Jaep or a moderator can move it there.

As regards TAILMON, it needs to be on an ASUS Router supported by ASUS Merlin. Your ASUS AC87U Router was previously supported, but is no longer. The last Merlin FW was 384.13_10. If it runs amtm then I believe TAILMON could still be installed on it.

I am not familiar enough with networks to answer your question directly, but I am not sure if putting TAILMON on the ASUS, (which appears to just be acting as an AP?) is really a solution for you. I believe you don’t really need Tailscale on all devices on your network as long as you can access your LAN from outside and as you are using OpenVPN to connect to the TPLink, you seem to be able to do this. Tailscale and OpenVPN are different VPNs in any case.

If your only issue is that you cannot access the USB on the ASUS externally (but OK internally if I understand it correctly), it may be that it is a Shares or Permissions issue? If it is in AP mode you will not be able to access a USB attached to the AP according to this thread.

Maybe have a look at these links below, there’s some suggestions under OpenVPN you access it by it’s IP address not by the share name.

Sorry I cannot be more help, it’s not really an issue I know anything about. I’m pretty sure you don’t need TAILMON to fix your issue.

HTH

www.snbforums.com

Wireguard (Asus) cannot acces USB drive remotely.

Hi folks. I have Asus ax5400ax TUF and it just got a new firmware with a Wireguard support. Prior to this I've been using OpenVPN. With OpenVPN I could easily acces files on USB attached HDD remotely. Same was with the InstantGuard. But I cannot access files with the Wireguard even though the...
www.snbforums.com www.snbforums.com

www.snbforums.com

VPN Server connection...Can not access attached USB drives

I'm running Merlin. I set up a VPN Server with the intent of being able to connect to my home system and grab files that are on my attached USB drives when I am away from home with my Android phone. I setup a OpenVPN VPN server and selected LAN Only option. When I am connect my Android to my...
www.snbforums.com www.snbforums.com

www.snbforums.com

Asus- Open VPN and reaching network drives

Hello All, I have an Asus RT-AX3000 and I use open VPN configured when I'm on the road. I have a few network drives and I can connect to them fine when I am on my home network. When I am on the road and I connect with OpenVPN and try to access the network share I get this error, do I need to...
www.snbforums.com www.snbforums.com

www.snbforums.com

Help with access to SMB drive on ASUS router

I am trying to access a drive that I have attached to my router. I have been through the forums here and googled so I hope I have not missed anything too simple/stupid and that I have organized the material in a way that is useful to all of you: Router: RT-AC68U, Merlin firmware version...
www.snbforums.com www.snbforums.com
 
Last edited:
Viktor Jaep said:
Wow, that's pretty crazy... what are your thoughts on this FAQ? Are you seeing any issues?

Can I use headscale and tailscale on the same machine?

Running headscale on a machine that is also in the tailnet can cause problems with subnet routers, traffic relay nodes, and MagicDNS. It might work, but it is not supported.
Click to expand...

Didnt notice any issues so far. Both my deployment variants have headscale running on a host thats also a member of the tailnet. I dont really use magicdns and exit nodes that much, but from my limited testing it all seemd to work as intended. Basic routing definitely works without problems, as I have a lot of traffic flowing through the tailnet constantly.
 
Tailscale users, maybe you can help me with this?

It occurred to me that I maybe should change my ufw firewall rules on my Raspberry Pi machines to include Tailscale IP addresses? (100.64.x.y)

However, I noticed something strange when logging into several devices from my MacBook Air outside my house to devices inside my house. When logged in via SSH, I use this command to check the IP address:

Code: 
echo $SSH_CLIENT

These are the results:
  • MacBook Air -> router: 100.64.x.y
  • MacBook Air -> (any) Pi: 192.168.1.1 (my router's IP address on the local network)
Why does the router report a Tailscale address, but the Pi a local address? (And not of the MBA, but of the router?)

And (a bit unrelated): I'm still allowing external SSH into my devices. Is using Tailscale (only) instead safer?

(SSH with public/private keys, not passwords)
 
This is maybe a dumb question but is there any advantage for me to run TailMon on my Router, if I already have a Mac mini and a synology running Tailscale Subnet? all Im seeing for Me is downsides of higher CPU load on my router, another device to make sure is updated, and potential crashes that could take my router down, and therefore most of my Tailscale network. I certainly see in some instances where this would be perfect, but am I missing something?
 
slvrscoobie said:
This is maybe a dumb question but is there any advantage for me to run TailMon on my Router, if I already have a Mac mini and a synology running Tailscale Subnet? all Im seeing for Me is downsides of higher CPU load on my router, another device to make sure is updated, and potential crashes that could take my router down, and therefore most of my Tailscale network. I certainly see in some instances where this would be perfect, but am I missing something?
Click to expand...
The great advantage is that all the devices connected to your subnet router will effectively be on your Tailscale network (and not only your mac mini and synology). I use it to remotely access my firestick, my modem router, my WiFi access points, my security camera my TV tuner and alll other clients that cannot have Tailscale installed on them or do not have cloud access otherwise.
 
Aiadi said:
The great advantage is that all the devices connected to your subnet router will effectively be on your Tailscale network (and not only your mac mini and synology). I use it to remotely access my firestick, my modem router, my WiFi access points, my security camera my TV tuner and alll other clients that cannot have Tailscale installed on them or do not have cloud access otherwise.
Click to expand...
I think the OP, who has asked an excellent question, already has his Synology device set up as a subnet router, so AFAIK, that device could act as the means to access other devices (and to bypass CGNAT). This is what I did in my first foray into Tailscale (TS), setting up an RPi. It runs Tailscale natively, so ostensibly fewer performance issues.

You can also designate the Synology as an exit node.

For me putting it on the Asus Router was for reasons of simplicity, an all in one device (that does all the routing) and for those with TS on a travel router (like my GLiNET Beryl AX), absolutely it makes sense; but ASUS does not really make travel routers.

So as I said, it’s actually a good question, that was asked on a Reddit post some time ago. I am no expert but do not believe any of the answers there nail down definitely what advantages it has. I am hoping @ColinTaylor or @Viktor Jaep can throw some light on it.

I have used Tailscale SSH and the Taildrop features of Tailscale and they are pretty cool directly on the Router.

k.
 
Last edited:
Sorry missed the Synology as a subnet. Not wishing to stray off here but how can a NAS drive act as a subnet router (when it is in fact not a router)? Your learn something new everyday.
 
jksmurf said:
I think the OP, who has asked an excellent question, already has his Synology device set up as a subnet router, so AFAIK, that device could act as the means to access other devices (and to bypass CGNAT)? This is what I did in my first foray into Tailscale (TS), setting up an RPi. It runs Tailscale natively, so ostensibly fewer performance issues.

You can also designate the Synology as an exit node.

For me putting it on the Asus Router was for reasons of simplicity, an all in one device (that does all the routing) and for those with TS on a travel router (like my GLiNET Beryl AX), absolutely it makes sense; but ASUS does not really make travel routers.

So as I said, it’s actually a good question, that was asked on a Reddit post some time ago. I am no expert but do not believe any of the answers there nail down definitely what advantages it has. I am hoping @ColinTaylor or @Viktor Jaep can throw some light on it.

I have used Tailscale SSH and the Taildrop features of Tailscale and they are pretty cool directly on the Router.

k.
Click to expand...
I would say, it would probably also add for some redundancy... if the synology went down for some reason, being able to access other devices through your router would be the way to go, or to try to remotely troubleshoot the synology.
 
Aiadi said:
Sorry missed the Synology as a subnet. Not wishing to stray off here but how can a NAS drive act as a subnet router (when it is in fact not a router)? Your learn something new everyday.
Click to expand...
I believe Synology has it's own OS based on Linux, so I’m guessing it uses a similar approach to an RPi or other Linux device.

Here’s the thing that I find very neat though, is that you can configure an Apple TV (IOS17 up) running the Tailscale App, as a subnet router. I use this as a backup and just enable the subnet router capability if I need it (if fhe Router is down).

I’m not sure how it performs speed wise compared to a native kernel but I’m sure it’s enough.

Doesn’t answer the OPs question though :).
 
Dr.Rom said:
I switched both to kernel mode to no avail. I also deactivated the exit node (I only use it on demand, each network should use its own local internet and I only want the devices to have interconnectivity). Could it be that tailmon is blocking me from changing the setting with tailscale set command? When I tried to deactivate exit node with set --advertise-exit-node=false didn’t change the connection command line in tailmon until I set the option for exit node inside tailmon to no.

View attachment 59099
Click to expand...
An update to my issue. I gave up since our last conversation and I had a try again today. I had a regular wireguard server setting on my local router and client setting on the remote router. I tried this time and deactivated both and now Tailscale is working as it should be.
 
jksmurf said:
I think the OP, who has asked an excellent question, already has his Synology device set up as a subnet router, so AFAIK, that device could act as the means to access other devices (and to bypass CGNAT). This is what I did in my first foray into Tailscale (TS), setting up an RPi. It runs Tailscale natively, so ostensibly fewer performance issues.

You can also designate the Synology as an exit node.

For me putting it on the Asus Router was for reasons of simplicity, an all in one device (that does all the routing) and for those with TS on a travel router (like my GLiNET Beryl AX), absolutely it makes sense; but ASUS does not really make travel routers.

So as I said, it’s actually a good question, that was asked on a Reddit post some time ago. I am no expert but do not believe any of the answers there nail down definitely what advantages it has. I am hoping @ColinTaylor or @Viktor Jaep can throw some light on it.

I have used Tailscale SSH and the Taildrop features of Tailscale and they are pretty cool directly on the Router.

k.
Click to expand...
Correct, I already have TS running a subnet and exit node on both Synology NAS and Mac mini, so redundancy also covered, as are all my cameras and devices I need to access from within the LAN. which is why I was wondering, other than adding additional work load to my router CPU, is there any Killer app to this that Im missing. Doesnt sound like it. I understand for people without spare desktops or NAS, allowing a Subnet /access to the LAN from the router is a huge win.
 
You must log in or register to reply here.

Similar threads

Viktor Jaep
TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)
Replies
2
Views
224
Viktor Jaep
Viktor Jaep
JA93
Tutorial **Tailscale On Merlin**
5 6 7
Replies
127
Views
15K
jksmurf
J
Viktor Jaep
ViktorJP: I'm out-of-the-office
Replies
19
Views
1K
aru
aru
Viktor Jaep
VPNMON VPNMON-R3 v1.3.7 -Oct 20, 2024- Monitor WAN/Dual-WAN/OpenVPN Health & Reset Multiple OpenVPN Connections (Now available in AMTM!)
12 13 14
Replies
278
Views
42K
bibikalka
B
Viktor Jaep
VPNMON VPNMON-R2 v2.65 -Jan 27, 2024- DISCONTINUED - Upgrade to VPNMON-R3 Available! (#3)
6 7 8
Replies
144
Views
22K
Viktor Jaep
Viktor Jaep
Similar threads
Thread starter Title Forum Replies Date
Viktor Jaep TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!) Asuswrt-Merlin AddOns 2
thelonelycoder amtm amtm 5.0 - the Asuswrt-Merlin Terminal Menu, November 17, 2024 Asuswrt-Merlin AddOns 61
thelonelycoder Entware Entware repository update: August 8, 2024 Asuswrt-Merlin AddOns 21
thelonelycoder Diversion Diversion 5.3 - the Router Ad-Blocker, August 11, 2024 Asuswrt-Merlin AddOns 40
Viktor Jaep RTRMON RTRMON v2.1.3 -Oct 19, 2024- Monitor your Router's Health (New: AMTM, Network Conn/Bandwidth/Diag + Port Scanner + Speedtest) Asuswrt-Merlin AddOns 252
thelonelycoder uiDivStats uiDivstats 4.0.3 - WebUI Stats for Diversion, November 19, 2024 Asuswrt-Merlin AddOns 38
thelonelycoder scMerlin scMerlin 2.5.8 - Service and script control menu for Asuswrt-Merlin, October 20, 2024 Asuswrt-Merlin AddOns 85
Viktor Jaep BACKUPMON BACKUPMON v1.8.20 -Oct 12, 2024- Backup/Restore your Router: JFFS + NVRAM + External USB Drive! CIFS/SMB/NFS! (Now available in AMTM!) Asuswrt-Merlin AddOns 487
janico82 sbnMerlin 1.2.6 - Network Isolation Tool based on Guest Networks, June 26 2024 Asuswrt-Merlin AddOns 149
thelonelycoder Diversion Diversion 5.1.3 - the Router Ad-Blocker, May 09, 2024 Asuswrt-Merlin AddOns 695

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,076 (members: 31, guests: 1,045)
Top