Tailscale Killswitch?

Hawk33 · March 2, 2025, 7:36am

Is there a way to use a "killswitch" with Tailscale like the "Block Non-VPN traffic" setting? I'm using Beryl AX (GL-MT3000).

bruce · March 3, 2025, 9:58am

Hello,

Is your router Tailscale enabled the exit node?

We have no plans to add KillSwitch functionality to Tailscale for the time being. Sorry. But I will collect it to the PM.

But according to our experience, if exit node is enabled and the peer exit node fails, the router's LAN client will not have Internet access, which seems to be similar to Killswitch.

Hawk33 · March 3, 2025, 3:08pm

I'm using 2 Beryl AX (GL-MT3000) with Tailscale. 1 Beryl AX as the server at home as the exit node and 1 Beryl AX with me. I want all my traffic while traveling sent back to the home Tailscale server without leaks.

bruce · March 6, 2025, 11:17am

You can check whether there is any leakage through website DNS leak.

As long as the exit node is enabled on the "with me", all traffic will pass through the routing table and go to the exit node of the "at home".
Since all data works based on route table, even if the intermediate link or exit node is dropped, thus all traffic cannot go out and cannot be connected to the Internet, so it should not be leaked.

viridisjade · May 5, 2025, 12:21am

Hi, what about the cases if there is a power outage or the tailscale app goes down? Is it physically impossible in such a case for my real ip to be leaked? Is there any workaround for that?
I tried creating a tailscale network interface (in luci settings), but adding it disrupts the tailscale and leaks my ip all the time. Will modifying firewall rules work properly without the tailscale network interface and why can't I add it? (I'm using Beryl AX (GL-MT3000, firmware v4.7.4)

bruce · May 8, 2025, 6:47am

Tailscale does not have strict Killswitch feature, and cannot be worked as a VPN, it cannot guarantee that DNS leak will not occur.

AdamK · July 8, 2025, 1:08am

Unfortunately I have seen a few cases where a power/internet blip has caused Tailscale to leak. So be sure to immediately unplug your device when this happens if you care about this, and keep it unplugged when not in use.

There are some instructions here for a kill switch, but the implementation seems to be hit or miss. It may just break everything. Digital Nomad VPN Tutorial using Wireguard or Tailscale

system · January 4, 2026, 1:08am

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.