Hello - I am running a small tailnet network between two Brume devices and one MT6000. The 6000 is at my office and I want the brume devices to use the 6000 as an exit node. I am having a hard time configuring it to do this - there are some similar forum posts that reference SSH into the router to change some tailscale configuration but I am having a hard time following them because they are earlier versions.
Any assistance setting up this internet exit node would be most appreciated.
2 Likes
Hi
Essentially, you just need to SSH into the router and edit the /usr/bin/gl_tailscale script.
Add --advertise-exit-node to the following line:
timeout 10 /usr/sbin/tailscale up --advertise-exit-node --reset --accept-routes $param --timeout 3s --accept-dns=false > /dev/null
If you’re not familiar with Linux text editors, you can simply run the command below after connecting via SSH to make the change automatically:
sed -i 's/tailscale up/tailscale up --advertise-exit-node/' /usr/bin/gl_tailscale
Remember to enable the "Allow Remote Access WAN" to allow forward from Tailscale to WAN.
1 Like
Thanks. I was able to run that code and it worked, however, I am now getting the following message from Tailscale admin center
After a reboot it is advertising the exit node as well as the local LAN - so that is good. Strangely this morning from home I was on the Brume (connected through tailscale to the 6000) and even though tailscale admin showed the devices as online, I didnt have any internet so presumably something was happening on the 6000 that wasnt passing traffic.
Now that I am back at the condo - everything is bound and tailscale is up - the office is advertising the exit node - but my IP address at the condo is not the office IP so my IP is leaking and not going through tailscale. How can I solve that ?
I assume you have already
- configured the MT6000 to advertising the exit node
- enabled "Allow Remote Access WAN"
- enabled its "Use as an exit node" in Tailscale Admin Panel.
May we know have you configured the MT6000 as an exit node in Brume?
Tailscale - GL.iNet Router Docs 4
So…I have got this working by editing the the gl_tailscale file as described. My MT6000 also runs a commercial Wireguard VPN client and Adguard home. When I connect an outside client to Tailscale using the MT6000 as an exit node, does the data flow through Adguard and the VPN?
Is this the right place to ask this question or should I start another topic?
Currently, when the MT6000 functions as an exit node, traffic from other devices is routed directly through the WAN instead of the VPN.
DNS queries also follow the device’s configured DNS settings and are not redirected or processed by AdGuard Home.
Is this by design or will there be other options in the future?