Unable to connect to Linux machine when Tailscale is running

There is a known issue where you aren't able to connect to a local IP address on Linux with Tailscale when using the --accept-routes flag. When you enable this flag, Tailscale's routing configuration can interfere with local network connectivity.

What's happening

When you use --accept-routes on Linux, Tailscale sets up policy routing rules that can override your local network routes. This causes traffic destined for your local network to be routed through Tailscale instead of directly through your local network interface. As a result, your Windows machine can't reach your Ubuntu machine via its local IP address.This is a common issue that has been reported multiple times in the Tailscale community, as seen in issues like Unable to access other vLANs on home network and Subnet router affects access to nodes on the LAN.

Solution

You can fix this by adding a rule that prioritizes your local network traffic over Tailscale routes. According to the Tailscale troubleshooting guide, you can use the following command:

sudo ip rule add to 192.168.X.0/24 priority 2500 lookup main

Replace 192.168.X.0/24 with your actual local subnet. This command adds a rule with a higher priority than Tailscale's rules (which are in the 5200-5500 range), ensuring that traffic to your local subnet uses your main routing table instead of Tailscale's routes. Note that this change is not persistent and will need to be reapplied after a reboot. You can make it persistent by adding it to a startup script.

Alternatively, you could consider using the Tailscale IP addresses to connect between your machines instead of the local IP addresses, which would avoid this routing conflict entirely.