I’m having similar issues. I think that your answer to ss4pc’s question but I wanted to document my use case here, as well, including feedback.
I just received the Beryl AX which I bought specifically for a travel router that will route my traffic through a tailscale exit node. I don’t have any experience with OpenWRT but saw that Beryl AX was running an openwrt version which supported tailscale, so I thought I’d be fine. My tailscale network is already set up, including my exit node.
I received the Beryl today and tried to install tailscale with Luci. For some reason only the tailscale package is available, but it has a dependency on tailscaled, which was not available, and so I could not install tailscale.
After a lot of searching and poking around I found that the 4.2 supports tailscale natively, so I had to figure out how to install that.
After installing that I went to enable tailscale and turned it on but then had issues with the authentication step. I looked at my RPC traffic and saw requests (get_auth, I think) and empty responses. I noticed a bunch of entries in the log for skip line without '=' Default
every time I enable tailscale. So I ssh’ed in and ran tailscale up
, went through the auth steps, and it connected.
However, my intention is to route all WAN traffic through tailscale to the exit node to the internet. Something like this:
[Local Network] -> MT-3000 (100.99.49.42) -> tailscale (via internet) -> exit node (100.78.129.41) -> internet
I consider tailscale to be a VPN, so I’m surprised that it’s in the Apps section. Also, there’s no “Block non-VPN traffic” equivalent for tailscale, so I’m starting to get worried that the Beryl won’t do what I bought it for.
In any case, your instructions refer to enabling subnet routes, but there are no subnet routes to enable in the Tailscale UI. I understand that they have to be “requested” by the local app, and that hasn’t happened, so maybe something else is broken? I set the “allow remote access LAN” setting.
Also, I notice even after a few restarts when I turn on the “enable tailscale” button the client doesn’t actually come online (based tailscale status
). Only the daemon is started, and when I turn it off via the UI the daemon is stopped, but even when the switch is on in the UI I get
# Health check:
# - state=Stopped
I tried to manually run tailscale up --exit-node ...
but all that did was turn off my local connection altogether. Luckily because tailscale was up I was able to access my Beryl via the tailscale network.