Funnel Not available - not set

ctech · December 23, 2022, 11:17pm

I am trying to run

tailscale serve funnel on

on a FreeBSD machine with version 1.34.1. I get:

Funnel not available; "funnel" node attribute not set. See https://tailscale.com/kb/1223/tailscale-funnel/.

But I have done this. Here is my policy file end.:

	"nodeAttrs": [
		{
			// Funnel policy, which lets tailnet members control Funnel
			// for their own devices.
			// Learn more at https://tailscale.com/kb/1223/tailscale-funnel/
			"target": ["autogroup:members"],
			"attr":   ["funnel"],
		},
	],
}

What should I do to get past this issue?

muzicman0 · December 23, 2022, 11:35pm

I just went through this. I had to set up a group instead of autogroup.

“groups”: {
“group:can-funnel”: [
“my.email@gmail.com”,
],
},

AND:

“nodeAttrs”: [
{
// Funnel policy, which lets tailnet members control Funnel
// for their own devices.
// Learn more at Tailscale Funnel · Tailscale
“target”: [“group:can-funnel”],
“attr”: [“funnel”],
},
],

ctech · December 24, 2022, 12:21am

That worked. Thanks!

muzicman0 · December 24, 2022, 12:43am

great! One thing also, at least for internet enabled sites, it took quite a bit longer than the 10 minutes for it to be up for me. Probably closer to 20-30 minutes.

ctech · December 24, 2022, 4:22pm

So with these permissions, can you access the .ts.net address that it gives you from any public IP without being on the tailscale network? I’m not able to and I’m trying to figure out why and it seems like it only allows me to do it when signed in.

Edit: it should work fine. I just was not going to the HTTPs version. Sorry for the confusion.

itspetemorgan · January 17, 2023, 8:33pm

This fixed it for me too. A small nudge to the docs would really help for this!