I have a Linux computer that I am using as a router. I’m trying to set it up so that all clients connected to it send all their traffic through the Tailscale interface (which is connected to an exit node and is set up to be a subnet router).
It has the following interfaces:
en0 - WAN
en1 - LAN
tailscale0 - tailscale
I set up a nat rule in
iptables -t nat -A POSTROUTING -o tailscale0 -j MASQUERADE
and tailscale on the router is run like this:
sudo tailscale up --exit-node=<exit node ip> --exit-node-allow-lan-access --advertise-routes=<my subnet>
However, this only seems to somewhat work. Random websites seemingly time out even though both the exit node and the router itself are able to access those sites (both through web browsers and curl).
Does anyone know what might be preventing this from working? Other than the rules tailscale adds, the rule above is the only iptables entry I’ve added. And there is no other firewall running on the machine.