Tailscale setup issue in QubesOS: Can't ping each other

Hello :wave:,

I’m currently trying to set up Tailscale in QubesOS, specifically in a Fedora appVM.

I have successfully installed Tailscale, but I’m facing an issue where I can tailscale ping other devices on the network, but I cannot perform a normal ping between them.

I suspect that this issue is related to the firewall configuration (maybe wrong).
Has anyone successfully set up Tailscale in QubesOS and encountered a similar issue?
If so, could you please share the steps you followed to resolve it?

Any help or suggestions would be greatly appreciated.
Thank you in advance!

Similar Issue:

You could have a connection, but ping is filtered by the firewall.

Remember Tailscale had a near 10/10 root privilege vulnerability recently. Complete takeover of the system. If installed in a template, all app VMs would have been at risk.

Thanks for your reply.

Can you please tell me how to allow ping?

It is a critical vulnerability.
Can you please provide a link to the vulnerability?

CVE-2022-41924 here:

On the firewall, you have to define an allow ICMP rule. The syntax depends on the firewall and operating system. If you don’t know that, it probably won’t be helpful since you need to be able to troubleshoot and test various things.

Thanks for the reply.
Sorry it took me so long to reply.
Do I just define an allow icmp rule in sys-firewall?