Use exit nodes
This topic is a quick guide for configuring exit nodes in a tailnet. For more detailed information, see Exit nodes.
Advertise a device as an exit node
To use a tailnet device as an exit node, select an OS and complete the steps.
-
Download and install the Tailscale client.
-
Open a terminal session on the device and enable IP forwarding.
If your Linux system has a
/etc/sysctl.ddirectory, use:echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.d/99-tailscale.conf sudo sysctl -p /etc/sysctl.d/99-tailscale.confOtherwise, use:
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf sudo sysctl -p /etc/sysctl.conf -
In the terminal session, advertise the device as an exit node.
sudo tailscale up --advertise-exit-node -
Go to the Machines page of the admin console.
-
Locate the device in the list. It should display the Exit Node badge.
-
Select the
menu, then select Edit route settings. -
Check the Use as exit node box, then select Save.
Use an exit node
Each device must enable the exit node separately. The instructions for enabling an exit node vary depending on the device's operating system.
- Open the Tailscale app on the Android device and go to the Exit Node section.
- Select the exit node that you want to use. If you want to allow direct access to your local network when routing traffic through an exit node, toggle Allow LAN access on.
- On the app home screen, confirm that the selected device displays in the Exit Node section. When an exit node is being used for the device, the section will turn blue.
To stop a device from using an exit node, go to the Exit Node section and select None.
You can turn off routing through an exit node by selecting None from the Exit Node drop-down.