Tailscale - vhat am I doing wrong?

fiddlestix@lemmy.world to Selfhosted@lemmy.world – 20 points –

[SOLVED] People of Lemmy. I'm trying (and failing) to get a friend onto my Tailnet. These are the steps: (1) I send them an invite. (2) They accept it. (3) I approve it. (4) They open the app and login. And ... nothing. They don't show up as connected on my admin panel and they can't access any of my connected machines (IP address is fine). I feel like I'm missing something really obvious but can't see what it is. Any ideas?

EDIT: All fixed. Needed to share machine directly, but this doesn't work for regular users. Once I deleted them as a user and then shared it was all good. Thanks everyone!

13

I think I had a similar problem a couple weeks ago. Make sure they are adding the device to your tailnet, by default it adds the new machine to their own tailnet. I know I hit some kind of issue like that, at least.

Yep. It says they are a member of my network. But no dice.

Firstly, what type of things are you trying to allow your friend to do on your tailnet? I've had trouble in the past trying to get friends to connect to game servers across tailnets, but have been fine connecting friends to things like Jellyfin. Any information on this might be helpful to look over.

Secondly, Have you checked out the ACLs? Access controls to your network can sometimes make things not play nice. Here is the docs on managing your Access control list.

Acls suck.

I always end up using chatgpt to get them at up properly.

Yeah I always feel incredibly dumb when I have to edit them. It's also the only thing I could think of that might be causing issue with OPs tailnet.

Its a great thing to check. All of the issues I've ever had with tailscale stem from the ACLs. Its.Always.the.ACLs.

My favorite is when there is just a tiny footnote on the docs at the bottom that says ~"if you do this maybe check your acls because its not gonna work without changing them"~

Why do they need to be part of your Tailnet? I usually just share a single machine.

Actually this fixed it. Thanks! They can access if I share it but NOT if I add them as a user and then share it. I had to delete them as a user first 🤷‍♂️

Even that doesn't work. I've made them an admin on the machine but they get a message saying they already have access to it. But ... they don't!

I never got that feature of tailscale to work either, sorry. But, it was simple enough to share individual nodes to other users. So try that if it fits your needs.

Hey, I guess it depends on how he is trying to reach the machines. Is he using the tailscale IPs (like 100.100.....) or yours (like 192.168....)?

It's the Tailscale IP. I can connect to it no problem.

I am glad that you could fix it. Have fun.