Tailscale on GL.iNet Opal

Hello, I used this command to install tailscale on my GL.iNet Opal SFT-1200
“echo “src/gz openwrt-tailscale OpenWrt Tailscale” >> “/etc/opkg/customfeeds.conf”
opkg update
opkg install tailscale”

and it is installed and when I ssh in and type tailscale and do tailscale up everything seems to be working and when I go to tailscale website it shows my router as online and connected on there website. I am trying to connect my GL.iNet to a exit node (My debian server at home which I have setup correctly I believe because I can connect my phone to it via the tailscale app). When I try to tailscale up on my GL.iNet device though nothing happens with the actual network. It’s like the VPN is up but none of the traffic is being forwarded through it. I asked on reddit Reddit - Dive into anything and someone recommended I come here and ask. I am left at a point where I don’t know what left to do. I am sorta new to OpenWRT and know debian a decent amount.

Someone on reddit mentioned it being a firewall issue likely but I don’t know where or how to make this work. It would be amazing if someone could walk me through this or at the very least point me in the right direction.

It might be helpful for others if you put your commands in a code block, which avoids various munging and makes it easier to read. Just add lines consisting only of triplets of backticks before and after.

For example:

echo 'src/gz openwrt-tailscale https://lanrat.github.io/openwrt-tailscale-repo/packages/19.07' \
    >> /etc/opkg/customfeeds.conf
opkg update
opkg install tailscale
1 Like

You did not specify what version of the GL.iNet firmware you are running on your Opal. With newer versions, you need not configure a custom feed or use opkg directly.

Assuming you’re running v4.2 or later (which is still in beta testing for Opal), I suggest working through the relevant GL.iNet docs and then coming back here if it doesn’t work out for you.

If you’re going to try to DIY it on 3.x, you probably should review the Tailscale docs on use of exit nodes. You need to use the --exit-node argument to specify the name or address of an exit node when starting tailscale on any machine that should use an exit node.

Ok didn’t know how to do code block that’s my bad.

I’m on GL.iNet Opal panel version v4.3.6 (Opal is not included in the technically list of supported devices but people claim to have got it working using CLI via ssh. I’m on OpenWRT version 18.06. Tailscale works, it comes up and goes online and says connected on tailscale web page but its like it’s running on it’s own but refuses to connect to the exit node.

I have tried the simple steps detailed by @HarvsG by installing the 4 Tailscale plug-ins (just make sure that all 4 packages are installed before rebooting the router) to get Tailscale on my GL-AR750S.

Tailscale installed perfectly well on the AR750S but I could not easily get the binding link to connect the device to my Tailscale network until I started experimenting with different snapshot 4.x.x. firmware versions. Managed to get the binding link on both v4.3.2 and also 4.3.6 which I have kept installed on the router for now although I could not get the binding link to show up for love or money on the latest 4.3.7 available snapshot. Anyone knows why it worked with the slightly older versions of the snapshot but not on the latest one and whether there is a way to fix this?

Hope this helps you get it working on your Opal as well.

On the Opal Tailscale is not supported at all. Like it doesn’t even show up in the VPN section on GL.iNet page at 192.168.8.1 or on the app. Are you sure that would work for my Opal?

If you are in firmware 4.2.x and above, then it should show up once you have installed the 4 packages as described. Whether it will work or not, I am not sure as I don’t have the Opal but if it installs on my AR750S then I suspect that it should install on Opal with no much trouble. It is only a couple of clicks and a reboot and you should have no issues giving it a try.

I don’t see it at all though it’s really odd. The packages are only able to be installed via some command by sshing in then the packages say installed but its only controllable via ssh. I did tailscale up and listed some things like --exit-node=ipaddressofexitnode