How To Configure Firewall To Allow Tailscale To Make Direct Connection?

If I use the native Windows firewall, Tailscale will be able to make direct connection with other computers. However when I switch to Bitdefender Firewall, direct connection can no longer be made. It has to use a relay server. Is there any way to resolve this?

Tagged:

Answers

  • Gjoksi
    Gjoksi Defender of the month mod

    Hello.

    You should contact Bitdefender Consumer Support by chat, telephone or e-mail:

    NOTE: Bitdefender telephone support is not toll-free!

    Regards.

  • To configure a firewall to allow Tailscale to make a direct connection, you will need to open specific ports and protocols that Tailscale uses to communicate. Here are the steps you can take to configure your firewall to allow Tailscale to make a direct connection:

    1. Identify the ports and protocols that Tailscale uses: Tailscale uses the UDP protocol on port 51820 for peer-to-peer communication, and also uses port 443 for outbound connections to the Tailscale network.
    2. Create a firewall rule to allow incoming and outgoing traffic on the identified ports: Depending on your firewall configuration, you may need to create separate rules for incoming and outgoing traffic. You can also create a rule to allow all traffic from the Tailscale process.
    3. Allow traffic from the Tailscale process: You will need to configure your firewall to allow traffic from the Tailscale process, so that the firewall does not block Tailscale's connections.
    4. Make sure to check your firewall's documentation for specific instructions on how to create and configure firewall rules as it can vary depending on the type of firewall you are using.
    5. Test the connection: Once you've made the changes to your firewall, you should test the Tailscale connection to ensure that it is able to make a direct connection as expected.

    It's important to note that depending on the security policies of your organization or the specific

  • Hello, I tried what suggested here on the Bitdefender total security firewall but unfortunately the problem persists.

  • How do I access Bitdefender's firewall to allow for Tailscale operation?

  • Faccin0
    Faccin0
    edited September 6

    Hello everyone!
    I had a mail exchange with Tailscale and they also gave me the same advice as matthewshort. A guide on how to set the firewall correctly is the following:

    Open Bitdefender → protection → Firewall

    Then click on Rules → add new rule → apply the rule to all apps →

    Type of network: all networks

    protocol: any

    direction: both

    then click on Show Advance Settings → enable "remote personal address"

    IP: 100.64.0.0/10 (Tailscale provided me with this IP range which is the one used by tailscale protocol by default)

    Ports: 443, 41641, 3478

    Then create a new rule but this type of protocol is UDP and ports are 53, 4164.

    This is the end result:

    If you want to use SMB (aka access your NAS from Explorer with a Windows PC) you should also enable TCP ports 139 and 445