Synology Issue - Versions Inoperable?

Hello I am having trouble getting my tailnet to work properly since the latest update for Synology NAS. Basically I have two (2) NAS; my primary, DS920+, and a secondary, DS418, located at my parents (thought currently brought it back due to issues. I believe the update to Synology verions 1.30.2 broke something on the DS418. Supposidly this has been repaird in unstable (1.35.1) and stable builds (1.34.2). However things have not been fixed for me. When both NAS are on 1.30.2 then the DS920 is able to back up to the DS418. However if I update both or just the DS418 then the DS418 is able to back up to the DS920. So its like something beyond 1.30.2 breaks the DS920 and fixes the DS418, but anything less than the latest the DS418 doesn’t work. I am not sure if I am the only one with this issue.

I should also mention this all worked prior to the update to 1.30.2 (can’t find which version was in the Synology Package Center before.

Have you tried this?

Yes I have followed the guide and restarted both NAS multiple times. I have even tried resetting the 418 and it is the same issue.

Ok, can both nas ping each other with their tailscale ip?
Did you setup the sync with the tailscale-dns name or did you enter the tailscale ip in the backup config?

I just installed the latest stable on both NAS (1.34.2). I can “sudo tailscale ping IP Address” on both and get a pong back. When I do “sudo ping IP Address” I get 100% packet loss on both NAS. However Hyper Backup on the DS418 says the DS920+ is online, where as Hyper Backup on the DS920+ says the DS418 is offline. The “machine page” says both NAS are “Connected”. I have always used the tailscale IP Addresses for Hyper Backup.

ok, im also using the tailscale ip-adresses in hyperbackup.
sudo ping tailscaleip is working for me on both devices:

But im not running the Synology Package Center version.
Ive downloaded and manually installed the spkg file

Do you have any custom ACL that might be blocking the access? I dont think the ACL is the problem since if you change the tailscale version it works, but who knows.
Also check if your NAS have tags etc.

Im also running this automated task on both NAS:

/var/packages/Tailscale/target/bin/tailscale configure-host; synosystemctl restart pkgctl-Tailscale.service

Hmm… I feel like ever prior to the Synology Package update (to 1.30.2) it was a mixed bag of me getting “sudo ping” to work correctly, but I don’t recall exactly.

I don’t think I have any custom ACLs. I am fairly new to NAS so unless that was part of a setup guide I don’t think I did anything like that.

I have that task as well in my Task scheduler on both NAS.

One thing that I have noticed is when I install the latest version on either NAS I have had to run “sudo tailscale up” to get Tailscale working properly. Before I could do it all through the Synology UI, but that doesn’t seem to be working for me anymore on both NAS.

Also something I am observing today is on the machines page the DS920 stays “connected” for a little bit, but then goes to not being connected within a minute. Where as the DS418 has been “connected” for the entire time.

I wish I could just go back to the Synology Package version before 1.30.2.

Well I feel like an idiot. I was searching through the tailscale github and found another issue that was being tracked. Looks like they had updated the knowledge base with “if synology firewall is enabled…”. Once I added it to the DS418, the DS920+ could see the DS418. It is interesting the DS418 could see the DS920+ without that configuration, but for now I have it on both.

Thank you for your help jonas108. Sorry I missed that in your post from a couple of days ago.

Glad you got it working!
It’s always the little things causing trouble, like the in-built firewall most people don’t even use, that no one is suspecting :smiley: