Confused about Routes :(

chudak

I have several devices using TalScale with no problems.
I advertise routes as?

192.168.90.0/24
192.168.70.0/24

Those are my LAN and WIFI subnets on dedicated interfaces on my pfSense

Now I setup an ubuntu box for TaleScale, but it can't ping my router or any other devices. Ping 8.8.8.8 works fine

The only that makes it different is that it's my work laptop and it connected to VPN

ifconfig
enp0s31f6: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 48:2a:e3:69:bf:9a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16  memory 0xeb700000-eb720000  

enx3ce1a1d0e571: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 3c:e1:a1:d0:e5:71  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 26602  bytes 3124495 (3.1 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 26602  bytes 3124495 (3.1 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tailscale0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1280
        inet6 fe80::5db5:dc09:fa48:c355  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 818  bytes 98283 (98.2 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1724  bytes 146808 (146.8 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 172.xx.yy.42  netmask 255.255.255.255  destination 172.21.48.41
        inet6 fe80::c44c:23d2:2eeb:8b61  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 68850  bytes 23726298 (23.7 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 33577  bytes 1984752 (1.9 MB)
        TX errors 0  dropped 4 overruns 0  carrier 0  collisions 0

tun1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 192.168.20.2  netmask 255.255.255.0  destination 192.168.20.2
        inet6 fe80::ced2:5bd4:31c1:cf6d  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 232  bytes 77374 (77.3 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 307  bytes 50360 (50.3 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlp82s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.4.92  netmask 255.255.252.0  broadcast 192.168.7.255
        inet6 fe80::5977:2531:419d:80dc  prefixlen 64  scopeid 0x20<link>
        inet6 2601:648:8200:850:79b2:e26e:d42b:6d6f  prefixlen 64  scopeid 0x0<global>
        inet6 2601:648:8200:850:222f:9a9c:5e19:2278  prefixlen 64  scopeid 0x0<global>
        inet6 fd57:262c:4115:1:79b2:e26e:d42b:6d6f  prefixlen 64  scopeid 0x0<global>
        inet6 fd57:262c:4115:1:ae34:f49e:b15f:d368  prefixlen 64  scopeid 0x0<global>
        ether 94:e6:f7:21:7e:2e  txqueuelen 1000  (Ethernet)
        RX packets 1091567  bytes 1031601810 (1.0 GB)
        RX errors 0  dropped 17  overruns 0  frame 0
        TX packets 601329  bytes 248561750 (248.5 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

What am I missing?

Thx in advance!

chudak

@chudak

nobody ???
anybody???

RobH 0

@chudak The work laptop likely has a "tunnel all" rule that sends all traffic through the VPN tunnel.

chudak

@robh-0

where would that be set?
and how is it supposed to be set?

Thx

RobH 0

@chudak It is typically configured in the VPN config, and I consider Tunnel All to be the correct configuration. If your company takes security seriously, they will have it configured in such a way that prevents you from changing it.

chudak

@robh-0 said in Confused about Routes :(:

@chudak It is typically configured in the VPN config, and I consider Tunnel All to be the correct configuration. If your company takes security seriously, they will have it configured in such a way that prevents you from changing it.

Makes sense.

But when I use a regular OpenVPN connection on the box all works fine.

Does it fit in our theory?

RobH 0

@chudak All the devices on your network except your VPN connected work PC should all be accessible through TailScale. I use TailScale for access to my network, and I have zero issues.

You might want to watch this video and see if it helps:
https://www.youtube.com/watch?v=P-q-8R67OPY

Also, Netgate has released a video also, which can be viewed here:
https://www.netgate.com/blog/tailscale-on-pfsense-software

chudak

@robh-0 said in Confused about Routes :(:

@chudak All the devices on your network except your VPN connected work PC should all be accessible through TailScale. I use TailScale for access to my network, and I have zero issues.

You might want to watch this video and see if it helps:
https://www.youtube.com/watch?v=P-q-8R67OPY

Also, Netgate has released a video also, which can be viewed here:
https://www.netgate.com/blog/tailscale-on-pfsense-software

I am sure I watched them but will watch them again.
This is frankly not a burning issue, it's just odd.

I am using TailScale on several devices myself and have no issues, except for one Ubuntu laptop.