UPDATE (13:40 ET / 2024-07-05): Got the connection working via SMB. Literally the only thing I changed was moving to a credentials file rather than specifying credentials inline, so … I’ll be trying to figure out what mystery affliction prevented the connection before. Leaving this up because there are a bunch of great suggestions for troubleshooting this issue in the comments. Thanks everyone.

ORIGINAL POST:

Currently pulling out my hair. I have a Synology NAS with the tailscale service (everything up to date). I have a NixOS client laptop, everything up to date.

I’m simply (?) trying to connect to a share via tailscale, and I have not managed to find anything that works. I’ve been using NFS, but I’m fine with SMB … or carrier pigeons at this point.

Does anyone know of a step by step, detailed, current tutorial to accomplish accessing a Synology share via tailscale on a linux device? I would not have thought this would be challenging!

  • pukeko@lemm.eeOP
    link
    fedilink
    English
    arrow-up
    2
    ·
    6 months ago

    It’s the same error regardless of whether I connect by tailscale IP (100.x.x.x) or the tailscale hostname, and it strongly suggests an issue on the Synology, but everything looks correct on the NAS (but I am by NO MEANS an expert):

    mount.nfs: access denied by server while mounting $IP:/volume1/$mount

    • just_another_person@lemmy.world
      link
      fedilink
      arrow-up
      8
      ·
      6 months ago

      Then you need to ssh into both devices and confirm they can both ping each other via the tailscale interface as a starter. That will at least shownif you have a routing problem.

      • pukeko@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        2
        ·
        6 months ago

        Apologies for the delay. July 4th festivities and rescuing a kitten from a storm drain intervened (upside: we now have a kitten).

        I can ping the NAS from the client on the Tailscale IP (100.x.x.x) and the tailscale hostname. If I SSH to the NAS, I cannot ping the client machine, but everything on the NAS is available from the client other than the NFS share (and I think I remember reading that the Synology tailscale client does not support ping).

        I realize we’re sort of narrowing in on an NFS setting or possibly a firewall setting, and I appreciate your patience in going on this journey with me, but I have configured both according to, most relevantly, the tailscale documentation for connecting to a Synology NAS.

    • offspecA
      link
      fedilink
      arrow-up
      3
      ·
      6 months ago

      I don’t use synology but it kind of seems like the synology has an allowlist for subnets that can connect to it. Do you know what service is hosting the file share?

      • pukeko@lemm.eeOP
        link
        fedilink
        English
        arrow-up
        1
        ·
        6 months ago

        The allowlist for NFS allows the tailscale subnet and the local LAN subnet.

        • offspecA
          link
          fedilink
          arrow-up
          1
          ·
          6 months ago

          Does tailscale have a consistent subnet? Can you connect to the NFS share over the LAN net?