Guide, Tailscale Exit Node Steps - Neilitlib/MSP-Simple-Commands GitHub Wiki

#Download with curl -fsSL https://tailscale.com/install.sh | sh

#If installed and repurposing sudo tailscale logout sudo tailscale login

#Click the authentication link

#Login with the OBIT admin account for 365/GSuite

#Consent on behalf of the organization

#Tailscale will ask you what you're using this for, select IT and VPN Replacement

#Follow this guide: https://tailscale.com/kb/1103/exit-nodes?tab=linux#install-the-tailscale-client

sudo tailscale set --advertise-exit-node sudo tailscale up

#Go to the admin console in the tailscale website

#Click the ... for the rasPI machine and click Disable key expiry

#Click the ... for the rasPI machine and click Edit Route Settings

#Click Use as Exit Node checkbox

#Stop this guide and switch to this next one...

#Follow this guide: https://tailscale.com/kb/1019/subnets

#Enable IP Forwarding

echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf sudo sysctl -p /etc/sysctl.d/99-tailscale.conf

#Advertise subnet routes

#This is where you need to know the local IP scheme & Range

#You can advertise multiple routes with a comma

Multiple subnets sudo tailscale set --advertise-routes=192.0.2.0/24,198.51.100.0/24

Just one subnet sudo tailscale set --advertise-routes=10.0.1.0/24

#Go to the admin console in the tailscale website

#Click the ... for the rasPI machine and click Edit Route Settings

#Click the checkbox for the subnet route you just set

#Resume this guide at the "Use the Exit Node" section: https://tailscale.com/kb/1103/exit-nodes

#Find the tailscale IP address of this rasPi node

tailscale status

#Allow access to local lan network with this, replace with the tailscale IP you found with the previous command

sudo tailscale set --exit-node=<exit-node-ip> --exit-node-allow-lan-access=true