By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Preferences Deny Accept All Cookies

Privacy Preference Center

When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.

Reject all cookies Allow all cookies

Manage Consent Preferences by Category

Essential

Always Active

These items are required to enable basic website functionality.

Marketing

Essential

These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.

Personalization

Essential

These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.

Analytics

Essential

These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.

Confirm and close

title

tailscale OPNsense

How to Install Tailscale on OPNsense

Learn how to install Tailscale on OPNsense firewall in a few easy steps. Follow this guide to create a secure, WireGuard-based mesh network using OPNsense.

Ferdinand Linnenberg

Ferdinand Linnenberg

Instructions

Log in to OPNsense and activate SSH and root login and password login.

echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config
service sshd restart

# Set root password
passwd

Increase the disk size of OPNsense to at least 12 GB to avoid DiskPressure and Evicted Pods issues.

df -h

# If the usage is high, add more space to the disk
# For example, to add 10 GB of space:
gpart add -s 10G -t freebsd-ufs da0
growfs /dev/da0p2

Update OPNsense to the latest version by going into the default menu via console or SSH and selecting 12. You might need to do this a few times to get to the final version.
```
opnsense-update -T opnsense-devel
```

When asked for updating to a major version, do not select 'y' as this will only cause a minor update. Type in the version number instead (it will be shown in the shell).

Additionally, enable Swap.

mdconfig -a -t swap -s 4g
swapon /dev/md0

Follow the tutorial: WireGuard mesh network using OPNsense. You can use the following command to set it up in one step (adjust IP range to your exposed IP range):
```
cd /usr/ports/security/tailscale
make install clean
service tailscaled enable
service tailscaled start
tailscale up --advertise-routes=172.16.103.1/24
```

Note: If you still encounter problems regarding missing swap, you can shut down the k3OS VM and temporarily increase the CPU and memory of OPNsense.