Wireguard Server on router behind NAT

I do own a

My aim would be to have a remote connection to a network in our holiday home. So this might be the best Solution. I will try to set it up on my Slate 750S.
I will report how it worked up!

Edit: First question. I‘m running latest fw for my slate (3.216) which is OpenWRT 19.07.8?! The guide suggest updating to (at least?) 22.03.0.
I‘m not sure how to do that. Would sticking with 19.07.8 be an option, or is there a easy way to update?

Edit2: there is no tailscale release for my OS version :pensive:

You can still make it work.

Option 1: You can run the Tailscale software on any device. I have a Subnet Router set up at my home so that I can access my home network remotely, and it is not on my router. I have it installed and working from a server running Debian Linux. It can also run on something like a Raspberry Pi.

Option 2. You can try installing Tailscale on your router anyways, even though there isn’t an official OpenWRT release. Tailscale provides the base files you need here. I’m pretty sure you need the mipsle version (second from the bottom of that section). It takes a bit more effort to set it up, but it can be done. I’d be willing to help you figure it out if you want to try that route.

1 Like

Looking closer to the picture in the guide, I saw these guy is running 19.07 too?!

Maybe I could just pick the Version for 22.03? Otherwise I would really be thankful for your help and really appreciate that. But I have to warn you, my linux and specially network knowledge is limited… :blush:

Option 1 would not be my favorite, because this would require an additional device.

Meanwhile I updated my GL-AR750S to latest OpenWRT (22.03.04) using this manual. The gui feels very uncomfortable to me. I’ll trie to move on from here an get it working.
I’ll follow up.

Following the guide (on my OpenWRT 22.03.04) resulted in an error message installing tailscaled

starting tailscale failed

Reboot didn’t help. I hope it is ok to get off topic meanwhile…

Edit: Seems that tailscale is working after doing this and maybe(?) this. I am able to access the Slate from another WLAN using the provided IP. So last question, to get access to the whole subnet, the Slate provides, do I just have to set “exit mode” to “allow local network access” ?!

Edit: sorry forgot the photo, but this is for the Macbook. How do I enable that on the Slate?

To enable the subnet router, you just need to follow the guide on their website I linked earlier. There are two important steps:

  1. Run the tailscale up command with the correct flag and correct network. It will look something like tailscale up --advertise-routes=, but with your network’s IP range and subnet.
  2. Enable the route in your Tailscale Admin Console. Find the machine in the list, click on the 3 dots menu, and click on Edit Route Settings.... Flip the switch to enable the route.

Once you have enabled the route, you should be done. Any Windows/Mac/iOS/Android device on your tailscale network will be able to access the subnet. Just try pinging another device on the network or going to the web portal of something on there from a device with Tailscale running. It should just work. You don’t need to enable anything on the device itself. Subnet Routers are always active.

Thanks for that input. This is basically the same way I followed. Only thing is I added


because I’m using OpenWRT22.03. Maybe I mixed up something. I did a reset to default and will give it a new try. Thanks anyways!
I am not quite sure, if I have to set up a firewall zone on the Slate?!

Edit: I could reach the router via local IP and WAN IP (tailscale) but I can’t acces the other remote network. After setting up the firewall the router is no more reachable over http (host IP and Tailscale WAN IP) or SSH. As I can’t acces the remote router local, I think I have to wait until I can do that?!
I guess I made a mistake, setting up the firewall…