hello all,
i have a tailscale network with 4 openwrt routers. firewall is configured on all routers like described here: [Openwrt Wiki] Tailscale.
all router run on a vanilla openwrt. and on all tailscale is configured with --accept-routes --advertise-routes xxx.xxx.xxx.xxx/xx --advertise-exit-node
the routers are my tailscale edge routers and the LAN behind these routers is reachable from any other of the LANs. it all works like a charm.
and now comes the gl.inet GL-X3000.
what works:
- reaching the tailscale addresses of all other edge routers.
- reaching the LAN of the GL-X3000 from all other tailscale routers and from the LANs behind them.
what don't work:
- reaching the LANs behind the tailnet edge routers and the LAN address of the routers from the GL-X3000 and from its LAN.
to make it short.
from tailscale in direction to the GL-X3000 the GL-X3000 and its LAN is reachable by my private address range.
from GL-X3000 in direction to the tailscale, none of the subnets behind the tailscale routers is reachable.
of course i have no double ip address ranges on my subnets. and the routing tables on the GL-X3000 are ok (tailscale addresses and the subnets of all my other routers are listed and point to tailscale0). nor did i configure any additional firewall rules.
i tried:
-
configuring via the GL UI. enable tailscale, register, enable LAN and WAN option.
-- it don't work -
only use the GL UI for activating the tailscale. all the rest from CLI (
tailscale login,tailscale up --accept-routes --advertise-routes xxx.xxx.xxx.xxx/xx --advertise-exit-node
-- it don't work -
configuring additionally via luci the the firewall, the way described in the link. [Openwrt Wiki] Tailscale
-- it don't work. furthermore when i configure an unmanaged interface named "tailscale" linked to the tailscale0 device, the device looses connection to the interface every view seconds. (protocol error: DEVICE_CLAIM_FAILED) -
not using a unmanaged interface for the firewall zone but in advanced options "covered devices" i use the tailscale0 device directly.
-- it don't work -
updating the tailscale software with this script: glinet-tailscale-updater
-- it don't work -
flashing via uboot the firmwares: 4.4.4, 4.4.5, 4.4.6, 4.4.8, 4.4.9, 4.4.11 and trying all the above with every firmware
-- it don't work
i can say without any doubt, "I've tried it all" or did i forget anything?
what is going on there with the tailscale? why, why, why this is not working as it should?
please help.