Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Use other Tailscale exit nodes

    Scheduled Pinned Locked Moved Tailscale
    5 Posts 5 Posters 2.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cyrus104
      last edited by

      I would like to do some policy based routing and have 1 of my vlan/subnets get routed through Tailscale to an exit node somewhere else.

      Working:
      Right now, I can get to other published subnets if I manually add them to the NAT Outbound.
      user -> pfsense -> tailscale (package) -> other node -> published subnet

      Not Working:
      user -> pfsense -> tailscale (package) -> other node -> internet

      Is there a way to get the published subnets automatically added to the Outbound NAT?

      Is there a way to get the tailscale0 interface added as a gateway device?

      occamsrazorO 1 Reply Last reply Reply Quote 1
      • occamsrazorO
        occamsrazor @cyrus104
        last edited by occamsrazor

        @cyrus104 said in Use other Tailscale exit nodes:

        Is there a way to get the tailscale0 interface added as a gateway device?

        Sorry I can't help on your main questions, but I was wondering about this aspect... unlike say OpenVPN connections the Tailscale doesn't appear as an interface. I'd be interested if it was possible, because Tailscale does not support Bonjour/Zeroconf multicast DNS (see my post here).... so I was thinking if it could appear as an interface then you could use something like IGMP proxy or Avahi to get around this problem. But I don't have expertise... there is probably something that makes this idea not viable.

        pfSense CE on Qotom Q355G4 8GB RAM/60GB SSD
        Ubiquiti Unifi wired and wireless network, APC UPSs
        Mac OSX and IOS devices, QNAP NAS

        1 Reply Last reply Reply Quote 0
        • D
          DelDCL
          last edited by

          I am also trying to figure out how to route my Internet traffic via Tailscale's exit node. Any idea? I can't seem to find any documentations. I only see tutorials on how to use PFSense as exit node.

          1 Reply Last reply Reply Quote 1
          • A
            Andan60
            last edited by

            Has anyone figured this out?

            I was hoping to route just my TV traffic through Tailscale on PfSense to an exit node.

            1 Reply Last reply Reply Quote 1
            • N
              netroute_ts
              last edited by

              The only way I've been able to route pfsense to an exit node is to first create an interface bound to the tailscale service, add the tailscale IP address tied to your device as static, and add the exit node you want in the upstream gateway field. Then, head over to the System->Routing->Gateways settings and edit the new gateway. Disable gateway monitoring and gateway monitoring action. Lastly, go into your firewall rules for your LAN that you want going into the tailscale vpn and set the gateway for each rule to the new gateway. Your devices should be routing to the exit node now.

              This is not ideal, as your device IP could change at some point, but it's the only thing I got to work. I even tried pushing 0.0.0.0/1 and 128.0.0.0/1 as a subnet from the exit node to override the default route, and that worked at first, but as soon as the tailscale service itself needs to talk, it sends traffic within its own VPN and things fall apart.

              1 Reply Last reply Reply Quote 0
              • C chickendog referenced this topic on
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.