Tailscale not online

IanMcLeish

Hi, I'm running PFSense 2.7.2 on a Protectli 4 port device. Tailscale has run flawlessly for about 18 months, but while looking at a different issue I saw that it was offline in the tailscale web admin page, since yesterday.

I removed the PFSense from the tailscale web page and with some difficulty removed the tailscale packages and rebooted the pfsense.

I reinstalled the package for tailscale and generated a new auth key on the site. Tailscale is still not coming online, I recall the first time i did this it was nearly instantaneous.

I'm getting these errors in the status page on pfsense;

Tailscale Status (/usr/local/bin/tailscale status)
Error executing command (/usr/local/bin/tailscale status)
Logged out.

Tailscale IP (/usr/local/bin/tailscale ip)
Error executing command (/usr/local/bin/tailscale ip)

This is exactly the same error that I had before I removed everything to start again.

Any suggestions anyone?

My previous key was set to not expire, my current key expires in 3 months, but I thought that could be changed in the admin pages on the tailscale website, but only if the machine is recognised there..

I was running the tailscale to allow all local devices access without having it installed on each device. My current usage is free - about 15 devices on the tailnet.

Be appreciative if anyone can suggest where i go from here- as far as i can tell i unchecked every box which might persist data after package removal to do a clean install.

mcury

@IanMcLeish Facing the same problem.
It happens after a few months, even if they key is set to "Do not expire".

Reported this not long ago: 16004

IanMcLeish

@mcury

Can you get your's back online though?

I have uninstalled everything and reinstalled. Deleted the instance in the Tailscale admin page and made a new key. But I am still offline and no further forward.

IanMcLeish

@mcury

Did you have any joy with the --unattended option?

And where would I add that if you did?

Thanks

mcury

@IanMcLeish said in Tailscale not online:

Can you get your's back online though?

I have uninstalled everything and reinstalled. Deleted the instance in the Tailscale admin page and made a new key. But I am still offline and no further forward.

Yeap, you need to delete the device in the tailnet, generate a new key, paste it to pfsense and save.
This alone will make it go online again.

Then, check the tailnet IP your device got and changed the virtual IP for the NAT to match it.
Accept the advertised routes if any, and that is it.

Did you have any joy with the --unattended option?

I didn't do anything yet besides of reporting the problem.

IanMcLeish

@mcury said in Tailscale not online:

@IanMcLeish said in Tailscale not online:

Can you get your's back online though?

I have uninstalled everything and reinstalled. Deleted the instance in the Tailscale admin page and made a new key. But I am still offline and no further forward.

Yeap, you need to delete the device in the tailnet, generate a new key, paste it to pfsense and save.
This alone will make it go online again.

Then, check the tailnet IP your device got and changed the virtual IP for the NAT to match it.
Accept the advertised routes if any, and that is it.

Did you have any joy with the --unattended option?

I didn't do anything yet besides of reporting the problem.

Aargh.

This is not working for me, it isn't going online again!

Ill try removing the packages again and starting over - i would rather not remove the entire pfsense and start again!! I was following Tom Lawrence's Youtube video. it worked for me before.

mcury

@IanMcLeish said in Tailscale not online:

Ill try removing the packages again and starting over - i would rather not remove the entire pfsense and start again!!

Did you generate a new key ?
Go to the tailnet, click add device, choose linux server, set the expiry to 90 days and click generate install script.
Then, you will see a code being generated at the bottom of the page, copy from the tskey onwards and paste in pfsense tailscale authentication tab.
After that, just follow the instructions in my last post.

IanMcLeish

@mcury

I was generating a key in the tailscail admin domain. I did try your method as well, but still no luck.
Thanks for your help.

I wonder what went wrong on Feb 3 to cause this?

I tried restoring an older backup as well from before Feb 3 and that too made not a jot of a difference.

I think I will give up.

Personally, I know a router can be complicated, as networks and firewall are complicated, but tailscale is so simple on most every product, except this one.

mcury

@IanMcLeish said in Tailscale not online:

I think I will give up.

Weird, those exactly steps worked for me yesterday..

IanMcLeish

@mcury
I got it!

I had to go to the command prompt and run the command tailscale up which then gave me a link to the tailscale web admin page to authenticate. I kinda thought that the whole point of the key was to avoid that, but it is back up and running anyway.

Thanks for your help - was nice at least to know i wasn't doing anything stupid, but maybe missing that last part was me doing something stupid!?

mcury

@IanMcLeish said in Tailscale not online:

I got it!

great