[Solved] Unable to set up tailscale exit node for LAN access

SecretRookie · March 8, 2025, 6:58pm

I am following the OpenWrt wiki guide and when trying to Force LAN traffic to route through Exit Node I get the following error:

invalid value "openwrt" for --exit-node; must be IP or unique node name

Using the IP address in the "Machines" section of the tailscale web interface leads to this:

no node found in netmap with IP TAILSCALE_OPENWRT_NODE_IP

What am I doing wrong? Could it be the fact that I updated tailscale to 1.80.3 instead of the default 1.80.2 installed by the package manager?

Summit48 · March 9, 2025, 12:44am

If the objective is to allow remote Tailscale clients to access the Internet via your Exit Node, then you don't need to configure the "Force LAN traffic to route through Exit Node", as the standard Exit Node configuration does that. The "Force LAN traffic to ..." does something entirely different.

OpenWrt Tailscale Wiki

Given you are trying to install Tailscale for the first time, I would use Tailscale v1.80.2 which is offered by the Package Manager, save the fancy stuff for later.

What is the model number of you router?

SecretRookie · March 9, 2025, 6:25am

Alright. I have reinstalled the package and re-done the setup all the way to the "Force LAN traffic to route through Exit Node" (not including it).

The objective is to allow access to the internet via the Exit Node, but also to allow access to my LAN services running behind the Exit Node. Which is what the "allow-lan-access" option is for, I assume. That's where I get the errors mentioned in the post.

SecretRookie · March 9, 2025, 6:53am

Forgot this part... The router is an ASUS RT-AX1800U

{
	"kernel": "6.6.73",
	"hostname": "OpenWrt",
	"system": "MediaTek MT7621 ver:1 eco:3",
	"model": "ASUS RT-AX53U",
	"board_name": "asus,rt-ax53u",
	"rootfs_type": "squashfs",
	"release": {
		"distribution": "OpenWrt",
		"version": "24.10.0",
		"revision": "r28427-6df0e3d02a",
		"target": "ramips/mt7621",
		"description": "OpenWrt 24.10.0 r28427-6df0e3d02a",
		"builddate": "1738624177"
	}
}

I have finally managed to connect to the Luci web interface through Tailscale, but can't reach anything else.

Summit48 · March 9, 2025, 7:42am

No the "allow-lan-access" option is not used, you need to say in the "How to set up Subnet Router/Exit Node" Section.
Assuming the Subnet of your LAN is 192.168.1.0/24, run the following CLI command.

tailscale up --accept-routes --advertise-routes=192.168.1.0/24 --advertise-exit-node

Then go to the Tailscale Coordination Server and enable both the Subnet Route and the Exit Node for the rt-ax1800u.

SecretRookie · March 9, 2025, 8:28am

Alright. It works. Turns out my subnet LAN was incorrect.

system · March 19, 2025, 8:28am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.