pfSense maybe blocking Tailscale on local LAN?
-
I have Tailscale on my local machines (not on the pfS device, for...reasons), connecting to different Tailnets. My desktop connects to my remote office, and my personal (home) Tailnet. My wife's desktop PC connects only to our home Tailnet.
Everything generally works fine, except that my wife's PC sometimes has trouble seeing network shares on our local server. She has to turn off TS in order to see local SMB shares. Oddly, she can turn it right back on, and it will often continue to work, almost like it just needs a reset or something.
I've posted in a Tailscale help forum, and they have helped examine the logs for me. One thing that jumped out at the one assisting me was that "it seems like NAT-PMP on your router and Tailscale aren't playing well together", as he put it.
Anyone have any idea how I'd go about checking what exactly that means on the pfSense side?
Does Tailscale require any specific open ports or anything?
My other devices, including my desktop, are all working just fine. The only difference that I can think of (other than being different physical hardware of course) is that my wife's desktop accesses the network via wi-fi, and I'm on wired LAN. My phone and iPad both seem to work fine, and they're wireless, obviously.
Any suggestions appreciated. This has been a thorn in the side for months now.