Public IPv4 Address + Subnet Forwarding

SupportBot · October 27, 2020, 6:54pm

Tailscale user:
Our customer support uses Postman to hit internal APIs, and we typically facilitate this through IP whitelisting at the Security Group level. One of our members has a satellite connection that reallocates her IP frequently, so I was hoping to Tailscale her in - seems like a great solution.

We have hundreds of these endpoints hardcoded to the public IP address of our API server. I followed the subnet routes guide, configuring it to use the instance’s public IP with a /32 CIDR range, but I can’t ping or resolve HTTP requests from my laptop. (The internal Tailscale-assigned IP does work).

Do you think this feature can work with the public IP?

SupportBot · October 27, 2020, 7:00pm

Tailscale support:
If I understand correctly, you’ve installed Tailscale on your member’s device (the one using a satellite connection). Have you also installed it on your API server (or some server or virtual machine on the same subnet)?
Essentially, you’ll want to configure the IP whitelist to contain the (non-Tailscale) IP address of the endpoint where Tailscale traffic is emerging. If that’s the API server itself then that’s ideal, but it could be any device that has a public IP address that is in your whitelist.

This article is relevant: https://tailscale.com/kb/1059/ip-blocklist-relays

Topic		Replies	Views
Use tailscale to provide public IP to node in tailnet	0	2411	September 18, 2022
Residential Proxy with Tailscale SUPPORT QUESTIONS	2	1899	October 6, 2021
Route external traffic through Tailscale	3	1103	October 5, 2021
Tailscale: publically routable IPs for nodes?	0	463	January 27, 2023
Advertise hosts LAN IPs SUPPORT QUESTIONS	0	378	August 28, 2022

Public IPv4 Address + Subnet Forwarding

Related topics