pfSense » pfSense Packages

Also, if change working key to different, save changes and then put working key back it won't connect and key will be no valid.

This issue is not limited to clicking the log out button in Tailscale.
In my case, I’m experiencing the same problem without ever logging out manually.

It seems to occur when the firewall is rebooted. Upon reboot, the Tailscale key appears to become corrupted or invalid.
My suspicion is that the problem is related to how the key is stored and later retrieved — possibly resulting in a faulty or incomplete key during the fetch process.

I'm seeing different behavior here.

When using a reusable preauth key, if I click `Logout and Clean`, the local Tailscale instance logs out and clears the local state cache. However, if I restart Tailscale with the same preauth key, Tailscale reauthenticates and creates a new machine node in the Admin Panel. This is expected behavior.

What else am I missing here?

I'm not seeing this:

it will produce error in the status that aut-key no valid

confirmed above behavior with 25.07.1 and tailscale 0.1.8

aleksei prokofiev wrote in #note-6:

Retested on 25.07.1
stepes:
1. Create key in admin panel
2. Setup Tailscale on pfSense using this key and connect instance
3. Change key in pfSense to any wrong key or random number and save
4. Put correct key back and save
5. You can't connect any more with this key

If you use a Reusable key and try to provided these steps, so each time when you put back correct key it will create new instance in admin panel.

Thanks for the repro steps. I will try again

Per Otto Opstad wrote in #note-3:

This issue is not limited to clicking the log out button in Tailscale.
In my case, I’m experiencing the same problem without ever logging out manually.

It seems to occur when the firewall is rebooted. Upon reboot, the Tailscale key appears to become corrupted or invalid.
My suspicion is that the problem is related to how the key is stored and later retrieved — possibly resulting in a faulty or incomplete key during the fetch process.

I have the same reboot issue on 25.07.1 SG4200. After a normal reboot the following status:

1. Health check:
2. - You are logged out. The last login error was: invalid key: API key does not exist.

Any help or suggestions would be greatly appreciated.

Yes, i can confirm this is an issue on the latest public build 25.07.1.
Developers, please take another look. I can give you access to my fw for further testing.
This is for my company a big issue since i have all my customer managed using tailscale.
If a fw is restarted i loose management to the firewall.

Roger Winfield wrote in #note-9:

Per Otto Opstad wrote in #note-3:

This issue is not limited to clicking the log out button in Tailscale.
In my case, I’m experiencing the same problem without ever logging out manually.

It seems to occur when the firewall is rebooted. Upon reboot, the Tailscale key appears to become corrupted or invalid.
My suspicion is that the problem is related to how the key is stored and later retrieved — possibly resulting in a faulty or incomplete key during the fetch process.

I have the same reboot issue on 25.07.1 SG4200. After a normal reboot the following status:

Tailscale Status (/usr/local/bin/tailscale status)

1. Health check:
2. - You are logged out. The last login error was: invalid key: API key does not exist.

Any help or suggestions would be greatly appreciated.