Welcome to my blog! I have many upcoming posts planned, but wanted to share a simple one to start. As an avid user of both the WLAN Pi and Tailscale, I have some tips for combining these two tools to maximize the usability of a standard WLAN Pi. This post assumes you have a working tailnet and WLAN Pi already. I also recommend enabling Tailscale MagicDNS, HTTPS, and modifying SSH ACLs.
-
Install Tailscale on your WLAN Pi:
curl -fsSL https://tailscale.com/install.sh | sh -
Set Tailscale flags:
sudo tailscale set --advertise-exit-node --accept-dns=false --ssh --hostname=wlanpi -
Start Tailscale and complete authentication:
sudo tailscale up -
Have Tailscale issue a valid HTTPS certificate for your WLAN Pi web server:
sudo tailscale cert wlanpi.coho-wyvern.ts.net(replace the FQDN with your WLAN Pi’s FQDN from your Tailscale admin panel) -
Configure Tailscale to serve the web server over port 443 to your Tailnet:
sudo tailscale serve --bg https+insecure://localhost:443
After running these commands, you have the power to do some new things with your WLAN Pi, no matter what network it is on, as long as it is connected to the internet.
-
You can SSH to it simply with
ssh wlanpi@wlanpi. Where else could this be useful? You could setup a remote sensor in Wi-Fi Explorer Pro for PC/Mac, or Airtool Pi for iPhone/iPad, to connect over only the hostname with username. No password required for any device in your tailnet. -
Connect to the WLAN Pi web server with a valid HTTPS certificate at
https:wlanpi.coho-wyvern.ts.net(replace FQDN with your own from earlier step) -
Leave the WLAN Pi behind at a client site, and connect your phone/laptop to it as an exit node. This will let you egress all your device traffic from the WLAN Pi, assisting with testing their firewall/filtering config. Note Tailscale will not route broadcast traffic, so don’t expect to be able to discover devices on the endpoint LAN while connected over the exit node.
I hope this helps open up some new use cases for you.