Can’t access LAN from iPhone WG app
-
@hfederau In tailscale control Center, are All devices are approved? and KeyExpiry is disableed for your trusted devices?
-
@TommyMoo They show as connected and I disabled Key Expiry. I am starting to think that my ISP is blocking this sort of traffic, maybe because I am a home user...
-
@hfederau Which Tailscale Version is running on your pfsense? mine is ->
-
@hfederau when you check in ControllCenter of Tailscale green Online status indicators behind your devices...things should be OK...and your ISP doesnt block...
-
@TommyMoo Yes, they show green. Is there anything in the Firewall rules I need to change?
-
@hfederau In your Pfsense Tailscale Menu, you can check STATUS, and see the routes and which ping times, they have.... please check
-
@hfederau I didnt had to do anything in my firewall settings for Taislcale work....
-
@TommyMoo Hmmm…I get the following in the Status screen
Health check:
- Tailscale could not connect to the 'Denver' relay server. Your Internet connection might be down, or the server might be temporarily unavailable.
Report:
* Time: 2025-09-20T19:46:44.486120521Z
* UDP: false
* IPv4: (no addr found)
* IPv6: no, but OS has support
* MappingVariesByDestIP:
* PortMapping:
* CaptivePortal: false
* Nearest DERP: unknown (no response to latency probes) -
@hfederau one more idea I have, can you check, if Taislcale is avaiable for your NAS system? Maybe it has a package manager, or LINUX OS on which you can install Tailscale directly...and connect it to your accounts Tailscale Control Center
-
@hfederau Oh, the Health Test failed... right now, dont know what to say, maybe ther server or your relay, is really down temporaly..
Mine looks like this ->
Report:
* Time: 2025-09-20T19:44:47.132521063Z
* UDP: true
* IPv4: yes, 91.XX.XX.55:61638
* IPv6: no, but OS has support
* MappingVariesByDestIP: false
* PortMapping:
* Nearest DERP: Frankfurt
* DERP latency:
- fra: 25.4ms (Frankfurt)
- nue: 27.5ms (Nuremberg)
- ams: 30.8ms (Amsterdam)
- par: 38.3ms (Paris)
- lhr: 43.5ms (London)
- hel: 47.7ms (Helsinki)
- waw: 49.4ms (Warsaw)
- mad: 54.7ms (Madrid)
- nyc: 107.1ms (New York City)
- iad: 112.3ms (Ashburn)
- tor: 121.7ms (Toronto)
- ord: 125.7ms (Chicago)
- mia: 131.7ms (Miami)
- dfw: 142.2ms (Dallas)
- sfo: 167ms (San Francisco)
- den: 171ms (Denver)
- lax: 173ms (Los Angeles)
- sea: 187.6ms (Seattle)
- nai: 189.4ms (Nairobi)
- jnb: 202ms (Johannesburg)
- hnl: 226.5ms (Honolulu)
- sao: 247ms (São Paulo)
- sin: (Singapore)
- syd: (Sydney)
- blr: (Bangalore)
- tok: (Tokyo)
- hkg: (Hong Kong)
- dbi: (Dubai)
Its a Mesh Network, it should work, and fall back to another node when your Denver relay would be down... Im wondering...
-
@hfederau If I compare, you dont even have an IPv4 adress that Tailcale is using...strange... so it cant work, for some reason, it doesnt get an IPv4 adress of your WAN interface
-
@TommyMoo Maybe something is messed up with my pfSense WAN setup…? BTW, thanks for the help :)
-
I have pfBlockerNG and Snort installed and running. Could they be blocking the traffic? I disabled them for a bit, but didn’t really see a difference
-
@hfederau For comparing, you use which pfsense version, I use CE 2.8.1, and Tailcale version 1.86.4, why I ask, is, pfense 2.7.2 is BSD 14, during the new pfsense 2.8.1 is BSD 15, which then may requiere, we use the right matching Tailscale version.... there is here in the forum, a Thread, for updateing Tailcale... and have an eye for the right BSD version... if you in pfsense 2.7.x you need BSD version 14, if you on pfsense 2.8.x you need the BSD 15 version
-
@hfederau For testing, a few minutes, I would disable pfblocker and snort...and reboot, just to see, if then in the Tailscale Menu under STATUS then appears a IPv4 adress from your WAN Interface
-
@hfederau please, check out this thread->
https://forum.netgate.com/topic/174525/how-to-update-to-the-latest-tailscale-version?_=1758396205369
-
@hfederau Actuallly, if you on pfsense 2.8.1, you should install/update to 1.86.4 in your pfsense shell with the command with date today 20.9.2025:
pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.86.4.pkg
If you on pfsense 2.7.2, you on BSD 14, and then you should use this shell command to install/update to latest version (date today 20.9.2025)
pkg add -f https://pkg.freebsd.org/FreeBSD:14:amd64/latest/All/tailscale-1.88.1.pkg
-
@TommyMoo Ok, I did a reboot and it worked for a bit. The status report also showed the info like yours, but then after a few minutes it dropped again.
I will do the package update, I am running pfSense 2.8.1 -
@TommyMoo said in Can’t access LAN from iPhone WG app:
pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.86.4.pkg
Can I run this command directly through the command prompt from within pfSense?
-
@hfederau said in Can’t access LAN from iPhone WG app:
@TommyMoo Ok, I did a reboot and it worked for a bit. The status report also showed the info like yours, but then after a few minutes it dropped again.
I will do the package update, I am running pfSense 2.8.1Yes, thats a good sign, wonderfull now please update your Tailscale version with this command ->
pkg add -f https://pkg.freebsd.org/FreeBSD:15:amd64/latest/All/tailscale-1.86.4.pkg
and then I would reboot again and see
