Fixing Tailscale and Wireguard Full Tunnel Issue
Some Background
I started using Tailscale more than a year ago and it worked great, until a one update came and broke my exit nodes feature.
When using TS on my Android phone the exit nodes had no issues but on both my PC and laptop running Windows 10 I couldn’t get it working.
If I chose an exit node, I would lost connection to the internet and nothing worked, not even pinging inside the TS network.
I tried everything, disabling the DNS options, reinstalling different version, scrolling though endless pages of Github issues / Reddit posts, reading TS logs and even contacting the support team which blamed one of my nodes to be “misconfigured”.
Wireguard too?
It was so annoying that I desperately came back to this issues every few months to see if this time I would be lucky to solve it.
This time, I decided to take another route and test Wireguard on my Mikrotik router.
TS is based on Wireguard and after setting it all up, I had the same issue where I couldn’t connect using a full tunnel through my PC and laptop.
That raised an alarm as same thing happened on both software.
I decided to look in the WG logs and noticed an error: Warning: the “Ethernet 2” interface has Forwarding/WeakHostSend enabled, which will cause routing loops
Googling this issue led me to this reddit post with a solution.
Even before running those commands, I had a feeling that it will finally solve my issue and I was right 🙂
The Fix
In order to fix it, I had to check the forwarding status of my network adapter and disable it:
netsh interface ipv4 show interfaces netsh interface ipv4 show interface <ID> Set-NetIPInterface -ifindex <ID> -Forwarding Disabled
The ID of my adapter was 6 and indeed, after disabling forwarding both Tailscale and Wireguard tunnels worked on my PC and laptop.
Problem Solved!