Remote gateway over Tailscale

andre_x · April 27, 2025, 10:02:44 AM

Hi everybody!
I have 2 remote sites (B and C) and I want certain devices to exit to the Internet from my house (A).
Looking at the diagram, I want PC3 and PC6 to exit to the Internet with the public IP 1.2.3.4
All the sites are connected with Tailscale and site B and site C have the exit node set as site C.
On site B and C I've created a gateway with the IP of Tailscale site A, it's up and running with priority 255 (WAN has 254); I've also created a firewall rule for specific LAN IPs with that as gateway.
Onsite A I've created NAT rules (see attachment).
If from PC3 I ping 1.1.1.1 I see that ping going out of site A WAN, but the answer never goes back to PC3.
What am I missing?
Thanks!

Edit: how can I place picture in the post instead as attachments?

ricardolanes · April 27, 2025, 07:11:41 PM

Hi, I'm not sure if that's it, but try changing the fw rule by setting the outgoing gateway.

ricardolanes · April 27, 2025, 07:20:16 PM

Quote from: andre_x on April 27, 2025, 10:02:44 AMEdit: how can I place picture in the post instead as attachments?

Use tag

Code Select

[img]URL[/img]
I recommend using this postimage: https://postimg.cc

andre_x · April 27, 2025, 07:50:11 PM

Quote from: ricardolanes on April 27, 2025, 07:11:41 PMHi, I'm not sure if that's it, but try changing the fw rule by setting the outgoing gateway.

Hi Ricardo, thanks for your reply!
I've done that the packages arrives at site A, they goes out, but they don't go back to site B or C. It may be a NAT problem, but I can't find it.

Remote gateway over Tailscale

andre_x

April 27, 2025, 10:02:44 AM

ricardolanes

April 27, 2025, 07:11:41 PM #1

ricardolanes

April 27, 2025, 07:20:16 PM #2 Last Edit: April 27, 2025, 08:26:22 PM by ricardolanes

andre_x

April 27, 2025, 07:50:11 PM #3