Which terminal are you using? You may need the one in the community addon store with protection mode disabled, not the regular addon, for elevated permissions.
ipv4 forwarding is already enabled, you can see it with
sysctl net.ipv4.conf.all.forwarding
ipv6 is not but you need to enable the debug mode for this, see this post:
The subrouting / exit node issue was described and closed here but not fixed for everyone:
The follow up issue is here:
I don’t need ip6 portforwarding.
I just want to access my router and modem using HA as exit node.
Yes portforward is working on ipv4
sysctl net.ipv4.conf.all.forwarding
Has anybody for the range forwarding to access other devices local to HA?
For example I have printers and my router on the 192.168.1.* range at home but I can’t access them when connected. I can connect to HA’s 192.168.1.* address.
I can ping the 192.168.1.* addresses from the HA SSH command line so that can communicate.
use https://github.com/tsujamin/hass-addons/tree/main/tailscale add instead of offical if you want to use subnet. https://github.com/hassio-addons/addon-tailscale/issues/22#issuecomment-921036402
1 Like
Thanks, it works great (both access to LAN and exit node) on Home Assistant OS when checking userspace_networking.
using which add-on offical or tsujamin?
tsujamin, there is no userspace_networking option in the official addon.
That’s even worse since I am not able to start it anymore on HA OS.
Yeap, just moment ago installed it on few of my devices. After tons of time spent on DDNS, Google Domains, ddclient, router configurations etc. With tailscale everything just works out of the box! And for free(in my case). Seems very good.
I need help installing Tailscale on my rpi with Home Assistant Core without the add-on.
Can anyone help me? 
I installed Tailscale since some of my streaming apps do not allow anymore to watch when outside the country… I have at home a rpi with homeassistant running so was thinking I could use Tailscale for this. The homeassistant is defined as ‘exit-node’ and on the iPad i’m using this HA als exit node. Seems like I don’t have internet anymore when activating exit node, without exit node I still have internet but then streaming apps still detect that i’m outside the country…
If you guys want to access homeassistant from anywhere and own a domain name, you can also use Cloudflare and a Cloudflared tunnel to do that. There is no need for any sort of VPN connection on any devices, running apps or anything else. HA creates an encrypted tunnel to cloudflare which you can access via your custom subdomain. You can also add an additional layer of security by putting a login with GitHub or another SSO provider in front of it.
I recently created a new addon to use Cloudflare, so feel free to check it out and let me know what you think:
Included in the following addon repository:
2 Likes
this issue with this owning a domain name, which itself will be costly.
Interesting, but you might want to document a bit the cloudflare bits.
I wasn’t aware of this capability, and I still don’t know where to start 
Ah, nevermind. I was expecting the explanation on the github README
Well there is. Your addon installs the clouflare client rather than the tailscale one
Their way of working is extremely similar, creating a tunnel between your host and a central point acting as a router, although cloudflare seem to be based on a proprietary solution (albeit open-source) rather than the Linux standard wireguard.
Nabu Casa works the same way as well, although limited to HA itself and HA doing the client-side job.
EDIT: Actually, tailscale manages to do p2p connection when possible, so, contrary to what I thought, there is no central router: your connection are peer-to-peer, most of the time, removing a point of failure.
You can use tailscale status to check the connectivity between hosts of your tailscale ring, and see how that connection was made, whether “direcy” or through a “relay”/router.
Now, I’d really like to understand how tailscale manages to do a ipv6 connection inside my network without me opening any ports on the firewall 
I recently posted an article about how to get a domain name for free and utilise the different offerings of Cloudflare with it. If you are interested, you can have a look:
1 Like
Following your excellent guide, I successfully created the domain. Now I need to access home assistant through HTTPS protocol to use home assistant cast. Home Assistant Cast - Home Assistant
1 Like
I would be careful about Freenom.
Nothing is free in this world (besides open-source done by crazy people 
) and their business model is not clear.
Even if this is paranoia, keep in mind you don’t “own” the free domain you get from them, they just lease it to you and can get it back anytime. You basically have no rights on the domain.
Not much of an issue if this is just for exposing HA, though.