I have a tailscale node that is advertising both my main LAN and now my one VLAN. I use Opnsense here at home.
Lan -192.168.10.0/24
VLAN - 192.168.30.0/28
On opnsense I have only allowed a group of ips (my devices) to access the vlan so im wondering if I need to allow access from the node on LAN to the VLAN. Im not sure which IP I should be using? The Local one or tailscale? Any help would be great,
Side note: I discovered when using nodes to share an entire subnet that if you use the actual mask your local traffic will still travel through the node. The trick was to change the subnet to one less that way it only goes through when you are not local. For example my advertised route on the trailscale node is set to 192.168.10.0/23 instead of 24. I think that means I should use 27 on the VLAN as well.
I do not have a node on the VLAN network. Only on the LAN network which is advertising the routes.That why im curious if I need to adjust the firewall rules from the node local ip address.
If there’s no node on the 192.168.30.0//28 VLAN, then there needs to be an explicit gateway/router between the two. Even if the machine that is your Tailscale node is on the same physical network, it won’t be permitted to connect to any devices on that VLAN.
My suggestion would be to install Tailscale on a device on that VLAN, and if you need access to devices that you can’t install Tailscale on, then you can advertise that route.
Basically, your Tailscale node doesn’t know how to reach 192.168.30.0/24 addresses. So even if you publish the route, traffic can’t flow.
Ah I figured another node on that vlan was needed. I figured maybe it was just a matter of allowing the node on the LAN to forward traffic to the VLAN, but I guess not. No worries, I can do that np. Thanks.
So an issue im having with Tailscale is while im on the local network all that traffic is still being sent through tailscale. This should not be the behavior unless im remote. I checked with a tracert and def relaying through TS. Do you know how to avoid this while local?
