Unable to reach a service on Windows via Tailscale IP

I am running a VNC server on my Windows machine. I am testing VNC connection from the same machine and it works when:

  • I try to connect using localhost
  • I try to connect using LAN IP address

However it does not connect when using Tailscale IP.

From the netstat output, I see that VNC server is listening on all interfaces:

TCP               LISTENING       30436

I am running the latest tailscale 1.4.3.

Maybe we could interactively debug this together? Not sure what timezone you’re in but if anything works out, feel free to grab some time on my calendar: Calendly - Brad Fitzpatrick

Also, what’s your Tailscale IP?

My Tailscale IP is

Thank you very much for the offer to debug this together. I am totally up for it. However I was not able to schedule a timeslot in Calendly. I get: image

I even tried to register to Calendly, but still got the same.

Weird, Calendy had lost access to my Google Calendar and I had to renew it. Fixed. Try again?

Also, we just released 1.4.4 with a number of fixes. Try to upgrade to that first and see if you can still reproduce it?

I see you also have an Android phone (running 1.4.0). The 1.4.4 build is coming out soon for that. But I assume you were trying to update from your Arch Linux machine? Update that from 1.4.2 to 1.4.4 first too.

Calendly link works now. Thanks. I’ll schedule a meeting if an upgrade to 1.4.4 will not solve this issue.

Upgrading to 1.4.4 fixed it!


Had the same issue after going to 1.4.4 on Android, the downlevel devices simply stopped being available. VNC’ing in on thier “real” IP’s and updating to dot4 fixed it.

This was a really old hack I came up with but maybe architecturally could be useful. Private X.25 network with a few hundred devices, very early Windowd. A TSR (yes, that old) whose only purpose was to check which version of main to load.

The decision was predicated on a flag, Magic Packet sorta delivery, that said which version to use and was only changed when all devices had the same, new version, installed.

So if even one device hadn’t been updated, everyone stayed on v-1.

Some of the updates for more remote devices were done by snailmailing a floppy to the receptionist with a “do this, then that” set of printed instructions.

Government bureaucracy at its finest. Real-time access? Not on your Nellie.

I still have this issue. I thought it was fixed at some point, but now I see that this still happens. I am using the latest Tailscale version on Windows.

So after my Windows machine boots up, I am able to reach the VNC server only by using the local IP address. I need to restart Tailscale (disconnect/connect does not help) for the VNC server to be accessible via Tailscale IP. Could it be that the order in which VNC server and Tailscale starts is important?

If the VNC server enumerates the list of interfaces to listen on, the startup order might matter.

If it has an option to listen on (meaning, any interface) that could avoid the issue.

But I only need to restart Tailscale (not the VNC server) to make Tailscale IP address to start working.

can you send us the Tailscale IP of windows machine and capture the “tailscale bugreport” when you reproduced the issue and windows machine not reachable on Tailscale IP before restarting Tailscale.

Email these details to support@tailscale.com