TAILMON TAILMON v1.3.0 -Aug 24, 2025- WireGuard-based Tailscale Installer, Configurator and Monitor (Available in AMTM!)

[XIII]

Apparently Tailscale and/or my router went down (I can’t reach them remotely) and now TAILMON is mailing me about that EVERY minute… (so there is still some connectivity)

 

[Viktor Jaep]

Apparently Tailscale and/or my router went down (I can’t reach them remotely) and now TAILMON is mailing me about that EVERY minute… (so there is still some connectivity)

What does the email say? Perfect case to have email rate limiting turned on.

 

[XIII]

failure:%20TAILMON%20has%20detected%20that%20the%20Tailscale%20service%20was%20dead%20and%20not%20connected.%20TAILMON.%20has%20reset%20the%20service,%20and%20reestablished%20a%20connection%20to%20your%20Tailnet.%20Please%20investigate%20if%20this%20behavior%20continues%20to%20persist.

I read about rate limiting in previous release notes, but I must have read them wrong, because I thought it got enabled in that release (by default)…

Definitely going to enable it when I get home!

 

[Viktor Jaep]

Sounds like it's having trouble starting or staying running... Do you have any other devices on your network that you could remote into in order to get to an ssh prompt or UI page for the router? It's always nice to have a backup method to backdoor into your router.

I read about rate limiting in previous release notes, but I must have read them wrong, because I thought it got enabled in that release (by default)…

Yeah, sorry... It's off by default... shows as a red "RL" on the operations menu.

 

[XIII]

My router is refusing all SSH connections that usually work:

• on iPhone via Tailscale
• on iPhone via OpenVPN
• on a Pi on the local network provided by the router (via Tailscale or OpenVPN)

 

[jksmurf]

My router is refusing all SSH connections that usually work:

• on iPhone via Tailscale
• on iPhone via OpenVPN
• on a Pi on the local network provided by the router (via Tailscale or OpenVPN)

That’s a bummer. I was going to ask the same as Viktor. WireGuard on the router saved me a couple of times so I could ssh in and fix Tailscale with Viktors’ special C, I issue —reset option.

It did start me wondering whether one of those power plug devices you could operate over a phone connection to reboot it (and the ONT) might eventually be a good investment …

 

[rung]

My router is refusing all SSH connections that usually work:

• on iPhone via Tailscale
• on iPhone via OpenVPN
• on a Pi on the local network provided by the router (via Tailscale or OpenVPN)

Shameless plug for knock.sh. If you had a reboot command set up, you could potentially send a reboot command to the router from the local network (eg. from Pi?).

knock v1.2 - router commands for non-admin users

 

[Viktor Jaep]

That’s a bummer. I was going to ask the same as Viktor. WireGuard on the router saved me a couple of times so I could ssh in and fix Tailscale with Viktors’ special C, I issue —reset option.

It did start me wondering whether one of those power plug devices you could operate over a phone connection to reboot it (and the ONT) might eventually be a good investment …

View attachment 70496

Had the same thought. A break-glass device in case there's no other option.

https://a.co/d/01Wn8lzq

 

[jksmurf]

Had the same thought. A break-glass device in case there's no other option.

https://a.co/d/01Wn8lzq

Hmm not sure that one has a SIM card option though? … not much chop having a phone App if it only works over WiFi … if the router running the WiFi is not working.

The suggestion I posted above is like an independent plug run off a SIM card (ignore the WiFi capability)… you can make like ET and phone home …

 

[XIII]

Shameless plug for knock.sh.

Link?

(Maybe to prepare for “next time”…)

 

[rung]

Link?

(Maybe to prepare for “next time”…)

Yes, here:
knock v1.2 - router commands for non-admin users

Let me know if you have any questions or issues trying it out!

 

[jksmurf]

Shameless plug for knock.sh. If you had a reboot command set up, you could potentially send a reboot command to the router from the local network (eg. from Pi?).

knock v1.2 - router commands for non-admin users

Just thinking about this though, if the URL can’t get through to the network as nothing is advertising access to it (see XIII list of devices he’s tried to get through on), will it still work ?

 

[rung]

Just thinking about this though, if the URL can’t get through to the network as nothing is advertising access to it (see XIII list of devices he’s tried to get through on), will it still work ?

The router could have a ssh issue only. He mentioned access to the local Pi. I would think the router would really have to be in trouble if the firewall logging is down too (what knock.sh is monitoring). Note the email function and tailmon is still working on the router. One would think knock.sh would be too.

Rung

 

[XIII]

Just thinking about this though, if the URL can’t get through to the network as nothing is advertising access to it (see XIII list of devices he’s tried to get through on), will it still work ?

I have doubts about that as well, but it would at least be one other thing to try.

All the things I tried have in common that they require SSH to work on the router.

I haven’t looked at knock.sh yet, but that might not depend on that?

 

[Viktor Jaep]

Hmm not sure that one has a SIM card option though? … not much chop having a phone App if it only works over WiFi … if the router running the WiFi is not working.

The suggestion I posted above is like an independent plug run off a SIM card (ignore the WiFi capability)… you can make like ET and phone home …

Very true. You'd think if there's a SIM involved, there's probably an ongoing cost as well.

The other item I have on my to-do list for RTRMON is to build in some automated reboot functionality. For instance, if the Internet goes does, and still down after an hour, reboot. Maybe coming up with some other scenarios. In one of my older scripts, it would check for the existence of a file that you could place out on GitHub (or wherever) and if the keyword in this file was found, it would reboot the router. That was another break glass option in case I got locked out of getting to my router.

 

[rung]

I have doubts about that as well, but it would at least be one other thing to try.

All the things I tried have in common that they require SSH to work on the router.

I haven’t looked at knock.sh yet, but that might not depend on that?

Correct. Knock uses firewall logging to execute pre-planned commands like reboot. No ssh needed.