router 1 has subnet routes accepted. But it seems that doesn't work going out?

  • exu@feditown.com
    2 days ago

    Can you ping server 1 from the subnet router?
    Make sure to check if you have a firewall blocking ICMP packets on server 1 or somewhere between.
    Maybe run traceroute from both servers and compare the route taken and where it stops.

    • undefined@lemmy.hogru.ch
      2 days ago

      This is very related to the SNAT option for subnet routers on Tailscale. Though it’s enabled by default, I ran into issues with some services when I’d left it turned off by accident at one point.

      In theory the “clean” way to do it is to not use SNAT, but then the network router needs to do some extra work to bridge the gap in the connection. Personally I was dealing with a strict service on a device that wouldn’t accept regular non-SNAT traffic (the service was smart enough to say “no, I’m only running on 192.x.x.x and refuse to send traffic to Tailscale”).