Travel dietpi server as travel vpn router

Hey, I am trying to figure out how can use tailscale to connect to my services at site A, when I am at site B (traveling).Site A has a single Tailscale subnet router. (It works when I connect directly to tailscale on my laptop.) At site B, I have an OpenWrt router and a small sbc running DietPi.

What I have done so far:

  1. I have installed Tailscale on the sbc.
  2. On the OpenWrt router, I am routing ..0.0/16 IPs specific to my network at site A to the IP address of this SBC.
  3. the sysctl setting for forwarding from this doc (site to site vpn) on the sbc

What works:

  1. I think the router static route is working as I can see it when running a traceroute command on a device in Site B. Traceroute shows only two hops. First to my router and then to my sbc. After that it waits, since its not being routed anywhere.
  2. I can reach server on Site A when I try it access it from the sbc directly (at site B).

What else should I configure to make the route work? I only want access of Site A at Site B. Not the other way around.
BTW, when using snat = false on my Site A subnet router, the whole thing stops working.

So this is what needs to be done:
On the above commands, replace with you interface names for Tailscale and lan eth and show show some love to the comment there.