tailscale-qpkg
tailscale-qpkg copied to clipboard
tailscale
Installed Tailscale 1.36.1 - now QNAP is inaccessible
Hi there,
I recently installed Tailscale 1.36.1 from the qpkg provided here on my QNAP NAS TVS-471 running firmware 5.0.1.
Immediately following this installation via the web console to connect it to Tailscale, the NAS stopped responding via its IP over http, ssh or pings, though my unifi router can see the device and is assigning it a local IP (though this is fixed).
From the dashboard in tailscale I can see the device is somehow connecting and then disconnecting again ten minutes later. It does this on a loop. I can't quite tell if its rebooting as I can't connect to it, but I will update this if it is.
Just so you know I performed a reset on the system via the reset button on the NAS.
And then (naively) installed the same package again. This caused the same problem. The NAS remained connected to tailscale, but became completely inaccessible to devices on the local network whether those devices were signed into tailscale or not. The device was accessible via ssh via tailscale, but because the system was set up to only accept local connections via ssh it failed every login attempt.
Same here. 1.34.1 was working for me, but then 1.36.1 made my NAS inaccessible and still did not connect to Tailscale.
When I try to get it to connect VIA SSH, I get the following:
./tailscale -socket var/run/tailscale/tailscaled.sock up failed to connect to local tailscaled (which appears to be running as tailscaled, pid 27902). Got error: Failed to connect to local T ailscale daemon for /localapi/v0/status; not running? Error: dial unix var/run/tailscale/tailscaled.sock: connect: connection refused
Running on a TVS-872XT with QuTS Hero h5.0.1.2348.
I had the same problem pop up when I updated to 1.40.0 also it might be something that qnap did with a firmware update that clashed with tailscale
Same here, updated QNAP to QuTS hero h5.0.1.2376 & Tailscale to 1.40.0 and I can see it only via tailscale IP
New QNAP Installed Tailscale from App Center. After joining tailscale network, when tailscale starts the local LAN access gets blocked. You CAN access it over the tailscale IP but this is not ideal.
This is absolutly something specific to tailscale, as if you login to the webUI over the tailscale IP and stop tailscale in the gui, it immediately starts responding on the LAN IP address.
Start tailscale again over the LAN IP and a few moments after it starts up it stops responding on the LAN IP.
I even manually set the default route to the specific interface, and no success.
Also, if you have shell access: tailscale up --accept-routes=false might help. That would imply that there is a subnet router, and that something is going wrong when programming the routes.
@wingcomm Unfortunately 1.46.1 does not solve the issue, nor does the most current 1.48.
@DentonGentry The default appears to be accept-routes=false already but when running that
<g/Tailscale] # ./tailscale up --accept-routes=false
Some peers are advertising routes but --accept-routes is false```
It doesn't change anything....
Interestingly enough, if I stop the service in the QNap GUI, and go to the command line and manually launch the daemon,
cd /share/CACHEDEV1_DATA/.qpkg/Tailscale/ && ./tailscaled --verbose
and in another terminal start tailscalse `./tailscale up`
It works fine. really confusing.
Okay so got it working...
- completely uninstall previous version
- Remove from tailscale admin
- install 1.48
- rejoin to tailscale
- Verify.
Not sure why that dance was needed. but it solved the issue. It is now available over both the tailscale network and the native LAN like it should be.
Okay so got it working...
Is your QNAP accessible via your LAN IP with routing enabled? I'm still running the old version (1.34.1) on the NAS with routing enabled. I am using the QNAP as a Tailscale router, so I can access other devices from outside my house which are not able to run Tailscale themselves.
NAS functionality: From my phone via cellular only: Tailscale client on - NAS accessible with Tailscale IP and LAN IP From my phone via cellular only: Tailscale client off - inaccessible as expected From my phone via LAN wifi: Tailscale client on - NAS accessible via LAP IP only From my phone via LAN wifi: Tailscale client off - NAS accessible via LAP IP only as expected
Is this how 1.48 is working? QuTS Hero 5.1.1.2488
I have the same issue with the following environment:
Hardware: TS-932PX
Firmware: QTS 5.1.1.2491
Tailscale qpkg from the QNAP App Store: Tailscale 1.40.0-1 (2023-06-12)
This is the first I've had this issue since the release of the qpkg in the App Store. I will share further details if I find anything as I investigate (but I'm a rookie sysadmin homelab guy, so wish me luck).
@ag14spirit We would need a bugreport or even the Tailscale IP address of the QNAP device to have a change of finding its telemetry. If not comfortable corresponding about that on a public issue, you can contact support instead: https://tailscale.com/contact/support/
@DentonGentry I'll provide log files via the support link.
My QNAP device Tailscale IP is currently 100.106.238.134, if that helps you in any way; I'll also identify that in the support submission in case that hits a different desk than yours.
I just run into same issue. instaled 1.40 from the app store. Why there is no recent version there? Qnap become completly inaccesible from local lan , however the VM's were working just fine. From LOCAL lan the tailscale IP was unpingable !!!!! I was completly cut off. but tailscale console was claiming it was still active.
I managed to ping it over tailscale from one of the VM's inside the qnap. but the pings were like 2000ms , and disable the tailscale app , that took like 5 min to get to proper menu in the CLI , that made it work perfectly fine again from local lan.
QNAP is such a vital piece of hardware in my network, that it is scary how I almost lost it (one VM is running openhab that is managing all light switches in a house )
Not experimenting again. I settled on running exit node on a separate VM inside qnap so i can access it remotely this way.
@DentonGentry
So the latest qpkg successfully allowed me to access my QNAP device via Tailscale...and only by Tailscale. But, I'm not blocked from the device as I was last time; this is improved.
Upon logging in via SSH, I go to the Tailscale CLI in the following directory:
cd /share/CACHEDEV1_DATA/.qpkg/Tailscale
And I'm unable to generate a bug report using the following command:
sudo ./tailscale -socket var/run/tailscale/tailscaled.sock bugreport
It appears that only some of the commands function, even with sudo.
Is it possible this is related to having disabled the default admin/root account (as common best practice) via the QNAP QTS GUI?
I'd eventually like to run tailscale serve to expose the QTS login with properly signed TLS over my Tailnet, which appears to be an option in the Tailscale CLI USAGE print that outputs upon failing the above command(s).
I've ran into the same issue on latest release v1.58, as soon as qnap joins tailnet device stops responding on local address.
I'm seeing the same issue, I can't access web UI or plex when tailscale is installed. I installed the lastest from the app store. Running the latest QTSHero
I had this issue once I enabled subnet routes on a different machine running tailscale on my LAN.
This is happening with the latest, v1.58.2.
Once I disabled "subnet routes" on the other machine, I was able to access my QNAP again. Thanks
I'm having the exact same issue on the latest version as described by @cromelex. I also have a device (a Synology NAS) with Tailscale on the same LAN that has subnet routes enabled. I can no longer access my QNAP over its IP address and it can no longer access my internal DNS on the same network.
I have encountered the same issue with my QNAP NAS using Tailscale. I updated the NAS to use the latest version of Tailscale (v1.66.4) and the issue persists.
As reported above, the issue occurs for me as soon as another node in the Tailscale network advertises a subnet route (in my case this needs to be approved first in the admin panel). As soon as this happens, I lose all connectivity to the NAS.
To restore access, I need to update the node subnet router node to remove the advertisement of routes. As soon as I do this, I can access the NAS again.
Not really any new information here, but just adding weight to the issue mentioned above.
Only thing I have found to fix this is to either disable any subnet routers in your tailnet, or start tailscale on the qnap with --accept-routes=FALSE
Have tried this today with v 1.7 and still the same problem.
How do I start Tailscale on my Qnap with the --accept-routes=FALSE switch? When I ssh into my TS-453a it doesnt recognise the tailscale command.
How do I start Tailscale on my Qnap with the --accept-routes=FALSE switch? When I ssh into my TS-453a it doesnt recognise the tailscale command.
Run export PATH=$PATH:$(getcfg SHARE_DEF defVolMP -f /etc/config/def_share.info)/.qpkg/Tailscale/ first.
How do I start Tailscale on my Qnap with the --accept-routes=FALSE switch? When I ssh into my TS-453a it doesnt recognise the tailscale command.
Run
export PATH=$PATH:$(getcfg SHARE_DEF defVolMP -f /etc/config/def_share.info)/.qpkg/Tailscale/first.
Thanks for the fast reply, can access my NAS on the local IP again now.
Same here, both in 1.40 and 1.70.0-1. The app (1.40) should b e removed from QnapStore. Not funny for a newbie user to suddenly loose control of their nas
