Exit Node: No access of any kind from "guest" node

Tailscale version: 1.36.1
Your operating system & version: Fedora 37 (both exit node and example laptop; also tested with iOS node connecting to exit node)

Pardon the noob question, but I am trying to transition to a personal tailscale network, and I’m running into a hiccup. I’m just not familiar enough with tailscale to figure this out, and none of the suggested fixes I’ve come across have worked.

I have set up a node as an exit node, it is advertising as an exit node, and it is “activated” as an exit node in the web admin. I have turned on forwarding and masquerading at the firewall level on the exit node.

On the “guest” node (my laptop or an iOS device that is also a tailscale node), I have successfully configured and tested SSH–so I know the network is working–and I can ping the tailscale nodes and, of course, reach the Internet.

I have not modified the default ACLs, so everyone can access everything.

If I select the exit node I have designated from a guest device, however, everything stops. I cannot ping any tailscale node or any external node. I cannot connect via http(s) with any internal or external resource. It does not appear to be a DNS issue because, for example, I can’t ping or otherwise connect to an IP address. Even attempting to ping a known internal IP (192.168..) no longer works (with or without allow-lan-connections activated).

I’ve followed the documentation so I’m a bit at a loss where to begin troubleshooting. I would appreciate any pointers. Thank you!