Setting up tailscale for domain networks

This is a quick guide on how I have been setting my clients up with Tailscale. This allows a computer to join the domain and have an always-on VPN connection. This is by no means the only way but it is the way I am doing it.

Create a Tailscale account (This will be the Admin user)

Install Ubuntu Server on a minimal server, 1core, 1024 ram 30GB storage

  1. Download ubuntu server (option 2)
  2. Create VM and label your install
  3. ignore all features but enable SSH for ease

Once installed log into the server with SSH
Install instructions: but basically follow below:

  1. Install tailscale:
curl -fsSL | shthen: sudo tailscale up
  1. Run the following to fix the ipv4 issue: found at
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf
  1. Connect Linux box as a subnet router, change Advertised routes to IP addresses internally: 
sudo tailscale up --advertise-routes=,
  1. Go to the Tailscale website and enable the Subnet route on the machines page then go to Edit route settings
Setting up tailscale for domain networks 1
  1. Turn on the Subnet
Setting up tailscale for domain networks 2
  1. Go to DNS and click on add Nameserver and type in the internal nameserver address and save.
Setting up tailscale for domain networks 3
  1. enable override local DNS
Setting up tailscale for domain networks 4
  1. Install Tailscale client

1 thought on “Setting up tailscale for domain networks”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.