Date: 2023-09-13

So I need some help. Currently I have a working WireGuard VPN into my OPNsense router which works perfectly and I can access my entire network properly when away from the house.



I want Tailscale because I want my wife to be able to leave the house without having to enable the VPN (stupid iOS with no way to auto-connect).



OPNsense runs on a 4-port Protectli.



My OPNsense sits on x.x.1.x. I have a Vaultwarden system on x.x.2.x. My main network is x.x.3.x. DHCP and DNS are controlled by my Pi-hole.



I have Tailscale installed on the following devices: OPNsense, Pi-hole, Plex, Nextcloud, Vaultwarden, and my Android phone.



OPNsense is an exit node with no advertised routes. Only my phone uses the exit node.



Here's what I'm up against though. When I'm away from the house my phone gets filtered by Pi-hole correctly and my IP address is the house address. However, I can't access Vaultwarden and I can't access Plex.



When I'm home with LAN access enabled on my phone and using the exit node I can access Plex but not Vaultwarden and my phone doesn't get filtered by the Pi-hole.



If I don't use OPNsense as my exit node on my phone I can access Plex and Vaultwarden.



Everything can ping each other so I'm at a loss.



What am I doing wrong here? Any help would be greatly appreciated.



EDIT: I have it corrected so that now the only thing I can't do is access Plex when away from the house. I needed to add an extra subnet route to fix the other stuff.