Create Tailscale Account
https://login.tailscale.com/start, and sign in an account to create your Trailscale account. I’m using my google account to create an account.
Once created, you will get the welcome screen.
Copy the following command to your server and run:-
curl -fsSL https://tailscale.com/install.sh | sh
This will prompt for your sudo password.
Once finished, run the following command:-
sudo tailscale up
This will give a login page to go to. Follow that link and sign into your account. This will your Tailscale account to your server.
Connecting your android phone to the network
Download the Tailscale app from the AppStore
Sign in to your Tailscale account, and this will link your Tailscale account to the phone.
Create a route to your server
As I just want to connect to my server remotely, I am creating a route just for this.
In tailscale, this is using your server as a subnet route. To enable this, we need to modify how tailscale starts.
On your server run, changing
10.0.0.0 to whatever your local lan range is:-
sudo tailscale up --advertise-routes=10.0.0.0/24
Log into Tailscale admin,
https://login.tailscale.com/admin and click subnets under your server listed in
This will give you an enable radio button to click. Once enabled, it will send that route to all clients, so from my phone I can now get to my server using my internal IP.
Using your server to forward traffic to your lan
If you want to access stuff within your network from Tailscale then you will need to enable IP forwarding.
For example, say my server is 10.0.0.10, and my router is on 10.0.0.1. I have already set up my route before so I can see 10.0.0.10 from my Tailscale VPN. Now I want to access my router’s web management. To do this, we use the server as a subnet router.
First we need to enable ip forwarding on the server:-
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf sudo sysctl -p /etc/sysctl.conf
Once that has been enabled, we need to configure the IPTABLES for forwarding.
iptables -t nat -A POSTROUTING -j MASQUERADE
Now test and you should be able to access 10.0.0.1 from your mobile on Tailscale VPN only. Once you have confirmed, save the config so it persists reboot.
sudo apt update -y && sudo apt install iptables-persistent
This will prompt you to save the routes. Press Yes for both IPv4 and IPv6.
Setting up DNS
As I’m using Adguard at home, I want to keep using it when I’m connected to Tailscale as it has my custom domain dns list and ad blocking.
Under DNS in the admin console, there is a nameserver section. Add your local IP under
Global Name Servers, and tick
Override Local DNS.
You should now be using Adguard DNS when connected to Tailscale