I’m using GL-MV1000 and have set up tailscale. I’m wanting to route all traffic through an exit node. I have successfully did this when tethering with an iphone as my internet source. However when using a cellular modem none of my lan traffic is being routed into the tailscale network. Any thoughts on what may be causing this?
Hi there,
To give you a heads up: GL is still working on Tailscale (still in beta & indicated as such in the GL GUI). More specifically & generally impacting is using a GL device as a exit node isn’t currently supported… but that’s not seeming to be the case here. Hold tight or check for beta/snapshot builds if you feel experimental (… but be sure to make a backup before you do!)
It’s probably a firewall zone/forward from the tailscale daemon not passing traffic to whatever interface is your cell modem/dongle modem. I speculate though. My firewall skills aren’t great so I’d hold tight for someone in GL; I’ve seen some nice advice come from 'em before.
I’m quite sure you’re going to need to install LuCI beforehand though. The aforementioned HOW-TO assists there.
1 Like
Thanks. I’ve tried adjusting firewall rules. I added a Tailscale zone and connected it to Tailscale device and able to forward to and from Lan. That’s worked for tethering. However when using modem clients have internet access that doesn’t go through Tailscale exit node. Exit node has no effect on client connection to internet.
Well, I know I’m rather useless for this situation but this may or may not bet relevant when GL starts looking at this: your firewall ruleset is @ /etc/config/firewall while anything custom inputted into LuCI are @ /etc/firewall.user
cat /etc/config/firewallcat /etc/firewall.user
What firmware version are you currently using? They’ll need to know that too.
1 Like
Currently on 4.3.6 the 7/11 snapshot
Hi dstnmrgn:
Does your brume consist of multiple exit nodes?
Thanks!
No. I only have one exit node in my tailnet
Hi dstnmrgn:
Very sorry. This feature is not currently supported.
Is there an idea of which upcoming firmware is expected to resolve it?
Has GL considered pulling Tailscale from the firmware in full until feature parity/the full capabilities are tested? IMHO I think it was premature to release Tailscale as a beta feature with nothing in GL GUI warning of what does/doesn’t work given customer expectations. I can understand how it could leave a ‘bad taste’ in a user’s mouth/give a poor impression of what GL is really capable of doing.
2 Likes
Ok. Hopefully this is something that can be fixed in future releases. Using an Exit Node from my experience does not work currently at all without first making changes to the firewall by creating a tailscale zone. I’m not sure why traffic is being handled differently with different wan devices but I’m glad you are aware of the problem now. Thank you
Try setting it up manually via the CLI (ttyd or SSH), it appears their config clobbers additional parameters which causes things to fail.
Are you kidding me? I don’t use Tailscale myself but has exit node been confirmed working with those parameters from a command line launch?
EDIT: I pm’d you with a possible workaround to update that gl_tailscale script.
Yes,It will be supported in a future version.
Currently, The basic features of tailscale are only available with repeater and wired networks.
I was rather looking for a more definitive timeframe. Exit node setup on a GL device seems to be a very popular query on these threads as I’m sure you’ve seen.
These features of tailscale will be improved in version 4.6.
The IP of tailscale and modem is conflict.And We’re working on that, too
1 Like
The IP conflict is something I had wondered about. Thanks for the update.
My current workaround to this problem is using another layer of NAT. I am using a Mango for the modem connection and then connecting to the LAN port of the Mango from my Brume’s WAN port. This seems convoluted but I do suspect that this works because of an ip conflict with tailscale and the cellular network. Another layer of NAT seems to resolve this conflict.