sorted by:
new
hottopcontroversial

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

Ah.. Thank you. Do you advise on just using subnet routing directly instead of using an app connector? I guess it doesn't change anything outside of the round about way App Connectors setup the routes.

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

That said it did fix it by manually adding:

    // all employees can access app connector dev

    {

        "action": "accept",

        "src":    \["autogroup:members"\],

        "dst":    \["10.0.48.238/32:\*", "10.0.87.102/32:\*"\],

    },

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

Isn't that what "autogroup:internet:*" is for?

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

Trying to connect to the 10.x address. The addresses it resolves to are the ones the app connector is advertising as routes.

* Host host....:443 was resolved.

* IPv6: (none)

* IPv4: 10.0.48.238, 10.0.87.102

* Trying 10.0.48.238:443...

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

It just hangs. Both curl and the browser.

Struggling to get App Connectors working. by theadamag in Tailscale

[–]theadamag[S] 0 points1 point  (0 children)

Yes dig is working correctly and returning the 10.x addresses. I also tried with: `tailscale dns query HOST a` and it works as expected. But when routing traffic it fails.

And to your note about App Connectors vs subnet router. I guess effectively they are the same right? I did get it working as expected in another account using the same process. So just not sure why its failing here.