I want to use an AX1800 as a Tailscale access point on my network, so that devices without Tailscale installed can still reach a server on the Tailscale network over the internet.
Currently, the server can ping my router and my router can ping the server, but my local devices cannot ping the server's Tailscale IP — they can only ping the router's Tailscale IP. So somehow the subnet routing/forwarding outside my network is not working.
I have enabled Allow Remote Access (WAN) and approved the subnets in the Tailscale management interface. I can see two entries there: my local IP range and the IP address from my ISP.
I also briefly checked the firewall, but I'm not sure if anything needs to be changed there, since the router automatically activates the Tailscale rules on its own.
Could you draw a simple network topology including IP addresses (including Tailscale IPs) so we can better understand your setup?
If your server needs to be accessed via the Tailscale network, and devices without Tailscale are connected to the AX1800 via LAN, then you should enable “Allow Remote Access LAN” and approve the LAN route in the Tailscale Console.
Also, please make sure that Tailscale on the server is running with the --accept-routes parameter, so it can correctly route requests to LAN devices:
