Comment on Classification need with Tailscale, remote access, and local access.
rtxn@lemmy.world 6 days ago
How did you set up subnet advertisements on the router, and which subnets? Did you touch the ACL in the tailnet’s admin console?
On the home PC, did you accept advertised routes with the Tailscale client?
What happens when you ping a host on the LAN using tailscale ping ADDR? What happens when you try to tracert or tracepath to it?
gazter@aussie.zone 6 days ago
I set up subnet advertisements by doing
tailscale set --advertise-routes=192.168.1.0/24. I did not touch ACL.The home PC is Windows, the context menu for the tray app give the option to ‘use tailscale subnets’ which is enabled- I assume this is the equivalent of accepting advertised routes.
From the home PC, tailscale ping 192.168.1.2 returns a pong, from the tailscale IP. tracert fails.
rtxn@lemmy.world 6 days ago
That’s unfortunate, I have no idea how Tailscale does routing on Windows. Try running the client without accepting any subnet advertisements.
I’ve also found this: tailscale.com/kb/1023/troubleshooting#lan-traffic… The solution might be to advertise a larger subnet (e.g. 192.168.1.0/23) to make the route advertisements on the tailnet less specific than on the LAN. Advertising a larger subnet won’t cause any additional issues because it’s in a private IP range.