I'm updating the status. To solve the problems reaching devices in other networks, I made the following changes.
In LuCI:

- Interfaces: add a new unmanaged interface, named `tailscale`.
- Firewall settings: create a new zone `tailscale`, interface `tailscale0`.
- Firewall settings: add new zone forwardings for tailscale → lan, tailscale → wan, lan → tailscale.
- Firewall settings: go to NAT Rules and add a new NAT rule with Protocol: `any`, Outbound zone: `any`, Source/Destination: `any`, Action: `masquerade`. Go to “Advanced Settings” and set “Outbound device” to the `tailscale0` interface.
The next step is to set some settings in Tailscale:

`tailscale set --accept-routes=true`

Next, `tailscale up`, and then I can reach my devices under the pfSense router.
```
root@GL-AXT1800:~# ping 10.0.1.1
PING 10.0.1.1 (10.0.1.1): 56 data bytes
64 bytes from 10.0.1.1: seq=0 ttl=64 time=98.524 ms
64 bytes from 10.0.1.1: seq=1 ttl=64 time=100.307 ms
```
But these settings disappear after a reboot. After a reboot I need to enter `tailscale set --accept-routes=true` and `tailscale up` from the CLI again, because if I don’t make these changes the following message appears:
```
# Health check:
#     - Some peers are advertising routes but --accept-routes is false
```
Any ideas on how to make these changes permanent?
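
For reference, the LuCI steps in the post correspond roughly to the UCI entries below. This is an added example, not configuration taken from the post: the zone policies, the rule name `tailscale-masq`, binding the `tailscale` interface to device `tailscale0`, and attaching the zone by network name are assumptions.

```conf
# /etc/config/network
# Unmanaged interface named "tailscale" (device binding is an assumption)
config interface 'tailscale'
    option proto 'none'
    option device 'tailscale0'

# /etc/config/firewall
# Zone "tailscale". The post does not state the input/output/forward
# policies; the three values below are assumptions to check on the router.
config zone
    option name 'tailscale'
    list network 'tailscale'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

# Zone forwardings listed in the post
config forwarding
    option src 'tailscale'
    option dest 'lan'

# This forwarding lets tailnet peers route out through this router's WAN
config forwarding
    option src 'tailscale'
    option dest 'wan'

config forwarding
    option src 'lan'
    option dest 'tailscale'

# NAT rule: protocol any, outbound zone any, action masquerade,
# outbound device tailscale0 (LuCI "Outbound zone" is stored as "src")
config nat
    option name 'tailscale-masq'
    list proto 'all'
    option src '*'
    option target 'MASQUERADE'
    option device 'tailscale0'
```

Comparing this with the output of `uci show firewall` on the router shows which forwardings and NAT rules were actually saved.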