ACL - allow everything except for "untrusted" tags

On my Tailnet, I have my personal devices and one or two servers tagged “untrusted”. These servers are in locations that I do not control, so I do not wish for someone to gain access to my Tailnet through these servers. Currently, my ACL rules is the default (allow access from all to all). I’d like to add a couple more rules:

  • deny access from untrusted to devices that are not tagged untrusted
  • deny access from devices that are not tagged untrusted to untrusted
  • allow port 22 access from devices that are not tagged untrusted to untrusted

However I’m not sure how to set up the ACL rules so that they “exclude” tags (not tagged untrusted as shown above). What rules should I use to achieve the setup described above?

TL;DR - How do I set up ACL rules so that all devices/users can talk to each other, but “untrusted” tags are shored off and cannot talk to the main pool?

Figured it out: autogroup:members does not contain tagged devices, so I can use that to define all untagged devices and manually add tags. Although this is a rather janky workaround I only have one tag so it’s fine.

1 Like

Same problem/question here.

I want to have access to a couple of web servers using Tailscale SSH. But the web server must not have access to my Tailnet. Therefore, I added a tag untrusted:

"tagOwners": {
	"tag:untrusted": ["autogroup:members"],

And changed the default ACL:

"acls": [
	// {"action": "accept", "users": ["*"], "ports": ["*:*"]},
	{"action": "accept", "src": ["autogroup:members"], "dst": ["*:*"]},

Added tag:untrusted to SSH:

"ssh": [
		"action": "accept",
		"src":    ["autogroup:members"],
		"dst":    ["autogroup:self", "tag:untrusted"],
		"users":  ["autogroup:nonroot", "root"],

Is this correct? Is this all I have to do to reach my servers but deny access from my servers to the rest of my Tailnet?

Thx a lot!


Yup, that should work.

You can also create tests to see if the servers can access your tailnet.

“tests”: [

  	"src":   "tag:external-server",
  	"deny":  ["tag:intern-server:44"],


1 Like

Thx! I think this is an important security feature since all “external” servers should be restricted in my oppinion…