Tailscale, can I disable GL-iNet cloud

ronxp2000 · November 24, 2025, 10:49pm

Ok, so I got Tailscale working on an RM1.

Can I use the Gl-inet software, and disable the GLiNET CLOUD TOTALLY

and “ONLY” use TailScale as a means for remote access?

admon · November 24, 2025, 10:50pm

You can, but I would not recommend it. In case Tailscale fails, you can't access the device anymore.

ronxp2000 · November 24, 2025, 10:51pm

So there is no reset process or anything to regain control if that was to happen? If not, that seems insane. Bummer.

Thanks.

admon · November 24, 2025, 11:45pm

Locally you can access the device of course.

ronxp2000 · November 25, 2025, 1:01am

So in that case, I can reenable the GL Cloud, correct?

jdbower · November 25, 2025, 1:23am

Yes. And if you're remote there are other options. Installing Tailscale on another device that is local or using an SSH server local to it to setup a SOCKS proxy for your browser can both get you access to the device if TS is down. I've disabled the cloud service and have multiple ways to access my remote lab.

Kyrie · November 25, 2025, 1:33am

No, GLKVM APP only work when the GLiNet Cloud service is enabled.
It's remote accessing is established via GLKVM cloud server.

If you need to use tailscale for remote access, using web browser is the only choice.
We suggest using chrome which is the same as using app.

elvisimprsntr · November 25, 2025, 1:39am

I added a /etc/kvmd/user/scripts/S10_block.sh script to block all internet access and run Tailscale with advertise routes enabled on a pfSense firewall. I can still access the GL-RM1 both locally or remotely via it’s static LAN IP address, using SSH or a browser. No required.

#! /bin/sh

# Stop DNS ping flood
/bin/sh /etc/init.d/S23led stop

# Allow LAN
iptables -I OUTPUT 1 -s 192.168.69.60 -d 192.168.69.0/24 -j ACCEPT

# Block everything else
iptables -I OUTPUT 2 -s 192.168.69.60 -j DROP

Make sure the script has execute permissions

chmod a+x S10_block.sh

Simply just too much traffic from the GL-RM1 phoning home and bombarding public DNS/NTP servers. If I ever need to update the firmware, I can download it from GL-iNet and perform a local upgrade.

JonSnow · December 7, 2025, 11:22am

cant get this to work on 1.7.2R1, not even the led turn off.

elvisimprsntr · December 7, 2025, 11:36am

You will need to provide more specific details what you tried and any error messages for anyone to help. Some context would be helpful what specifically you are trying to do.

JonSnow · December 7, 2025, 3:17pm

I guess S10, S20 labels are needed for it to work correctly? I just called it no_internet.sh and it didn’t work but now it does with S10.

mrjohnpoz · December 8, 2025, 8:18pm

This was exactly what I was looking for thank you. I set up a glkvm comet a few days ago, and recently noticed how much of chatty cathy it was - jfc

If I need to remotely access it, I would do so through normal vpn into my network. I have zero need for it to talk to anything outside my local network.. I just modified output 1 to reflect my local networks and the glkvm IP.

I also have it just talking to my local ntp server.. Now its quiet as a mouse