Skip to content

Instantly share code, notes, and snippets.

@zed-wong

zed-wong/tailscale-clash-verge-rev-setup.md

Created February 9, 2026 09:14
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save zed-wong/e2a6c33b23ecbe425e8cfb6e238a6cdc to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save zed-wong/e2a6c33b23ecbe425e8cfb6e238a6cdc to your computer and use it in GitHub Desktop.
Download ZIP
Setup tailscale to work with clash meta verge and use desktop as exit node
Raw
tailscale-clash-verge-rev-setup.md

Setup Tailscale to work with Clash Verge Rev

Ubuntu Setup Guide: Tailscale + Clash Verge TUN + iPhone Exit Node

Goal

Route iPhone traffic through your Ubuntu machine over Tailscale, with Ubuntu egress proxied by Clash Verge TUN. Prerequisites

  • Ubuntu machine
  • Your working Clash config already backed up/restored
  • Tailscale account access (for route approval)

1) Install Tailscale on Ubuntu

curl -fsSL https://tailscale.com/install.sh | sh
sudo systemctl enable --now tailscaled

2) Login the Ubuntu node

sudo tailscale up
  • Open the URL shown in terminal and complete login.

3) Verify basic connectivity

tailscale status
tailscale netcheck

4) Advertise Ubuntu as an Exit Node

sudo tailscale set --advertise-exit-node=true

This advertises:

  • 0.0.0.0/0
  • ::/0 Verify:
tailscale debug prefs

Expected in output:

"AdvertiseRoutes": ["0.0.0.0/0","::/0"]

5) Approve Exit Node routes in Tailscale Admin

Open:

  1. Select your Ubuntu machine.
  2. Approve advertised routes (0.0.0.0/0, ::/0).

Note: Without this approval, clients will not see any exit nodes.

6) Configure iPhone

In Tailscale app on iPhone:

  1. Connect Tailscale.
  2. Open Exit Node.
  3. Select your Ubuntu machine.

7) Clash config checks (must be present)

In your Clash config, ensure these key settings:

tun:
  enable: true
  auto-route: true
  dns-hijack:
    - any:53
  route-exclude-address:
    - 100.64.0.0/10
    - 100.100.100.100/32
    - fd7a:115c:a1e0::/48
dns:
  enhanced-mode: fake-ip
  fake-ip-filter:
    - +.tailscale.com
    - +.tailscale.io
    - +.ts.net

8) Validation checklist

From Ubuntu:

tailscale status --json

Check:

  • iPhone peer is online/active
  • traffic counters increase while browsing from iPhone

From iPhone:

Troubleshooting

tailscale exit-node list shows no exit nodes found

  • Usually route approval not done yet in admin console.

iPhone has no Exit Node option

  • Same root cause: no approved/available exit nodes in control plane.

tailscale up hangs

Check logs:

journalctl -u tailscaled -n 200 --no-pager

Then verify Clash TUN + DNS exclusions are still correct.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment