OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: spants on January 31, 2023, 11:00:07 AM

Title: Tailscale working well, but how do I set a rule to force clients thru VPN?
Post by: spants on January 31, 2023, 11:00:07 AM
Great work on this release!

I have been using Tailscale as an exit point on a machine inside the firewall but have now switched to using the OPNsense instructions on tailscale.com. It is working well - I can manage systems inside the firewall and get internet access.
However, I would like to set up a rule that forces any external clients to exit via my WireGuard (Mullvad) VPN rather than via the WAN. The clients seem to have my external IP address from what I can see.
I know it's a basic question, but I am going around in circles!

tl;dr - I need any client that has come in via the TLSCL interface to be able to see internal systems (working) and exit the firewall only via the VPN.

Many thanks!

Title: Re: Tailscale working well, but how do I set a rule to force clients thru VPN?
Post by: lilsense on April 11, 2023, 12:35:20 AM
You would need to set a routing rule to forward traffic not through the WAN but through the VPN for the TLSCL interface.