Is there a way to get TailScale exit node traffic destined for the WAN to use a gateway other than the default?
Use case is that I’d like to have the convenience of being able to connect to my home network with the security of my NordVPN while travelling. I have a Nord Gateway set up within PfSense that I route select clients through using an Alias list, but can’t figure out how to route Tailscale Exit Node traffic via this gateway. TIA 
Tried that, and that’s exactly how I used to do it with Wireguard, it doesn’t appear to work the same way with Tailscale though.
Anybody? Surely there must be a way?
I’ve watched that video before, and can’t see anything in it relating to my issue 
Bumping this up. I too am trying to set this up with TailScale. I’ve seen references to setting up this via VLANs. Tailscale doesn’t have interface.
I also tried the same and failed to implement it.
If modifying the routing table doesn’t work, have you guys tried pf pre/post routing rules?
I do something similar for special users on a restricted vlan, where I want those users to use the DNS config from another less restricted vlan. This saves me from creating a whole new vlan just for those one or two users. Removing the DNS specific filters (just tie it to the interface) would make the rule simpler.
I would post my config but I do this in nftables. But the principle should be the same and work similar in pf. I imagine the trick I did above is relatively common for a few guys in this forum, they should be able to show configs.
Haven’t tried, worth an hour or so…
Been reading this… too dangers as I’m at the remote location and need to modify config on the exit node… Routing clients through Tailscale exit node on pfSense
Given up on tailscale. Seems exit nodes do not work with pfsense clients. Tailscale software needs to be on a client.
Openvpn can accomplish this goal (IPSec too but needs two static IPs).
https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-s2s-route-internet-traffic.html
