Why does connecting via Tailscale seem to reactivate my Site to Site VPN??
I currently have two site to site VPNs set up in pfsense using Wireguard.
One of them is a pfsense to pfsense setup, and this one has been super stable and so far it has pretty much never "broken down" for any other reason than me fiddling with either of the pfsense machines or the associated DNS.
The other one is set up with a Unifi UDR as the peer, at my mom's place. Every now and then, this VPN is down, as indicated in the pfsense dashboard, and I can't access her network.
As a backup solution, I happen to have a Pi3 in her network running Tailscale (subnet router). And with this, I am able to access her network even when the site to site VPN is down...
What is curious and what I'm hoping someone might help me understand is this... Almost every time that this VPN has been down, all I have to do is to start up my Tailscale client on the PC at home, and access the web interface of the UDR from my browser. I don't have to log in or do anything else, I just get the login page of the UDR. But the moment I do this, I see the numbers changing in the gateway monitor on pfsense (RTT, RTTsd and Loss). And a few moments later, the VPN is showing its normal status and I can shut down the Tailscale client and access her network as usual...
So somehow, when I access her LAN via Tailscale, from my PC, the VPN between pfsense and the UDR comes to life after being down. What is going on?? Is it something with states in the FW that are being reset or come back to the correct "setting"?
And just to be super clear, there is no Tailscale on pfsense... It's a Raspberry Pi inside the other network (UDR) acting as a subnet router (Tailscale naming), and I run the client on my PC behind pfsense.