Can Tailscale ACL also act as my Firewall?

MikaelJones · October 13, 2021, 10:40pm

I will be putting Windows/Linux clients on multiple remote LAN networks and are evaluating Tailscale.

However, I don’t want anything else on the remote LANs to be able to communicate with the client where Tailscale is installed, just like acting as a “firewall” and o my Tailscale client.

I’m unsure if the ACL function will allow me to do such a “isolation” of the machine? Otherwise I guess I simply do that with the normal OS Firewall/iptables?

apenwarr · October 13, 2021, 11:25pm

Tailscale mostly doesn’t affect your firewall settings on non-Tailscale interfaces. The best thing to do is to block incoming requests on non-Tailscale ports.

Here’s one example with ufw: https://tailscale.com/kb/1077/secure-server-ubuntu-18-04/

ᐧ

MikaelJones · October 14, 2021, 4:36am

Thank tylu for this clarification!

Topic		Replies	Views
Tailscale unable to connect over UDP SUPPORT QUESTIONS	0	1407	April 30, 2023
Remote Management Policy	1	396	December 13, 2022
Preventing access to other Tailscale Networks?	0	589	June 17, 2022
How to isolate a device to only allow remote management? ACL (Access Control Lists)	0	887	July 28, 2022
Help Creating ACLs/Policy File ACL (Access Control Lists)	0	786	September 26, 2022

Can Tailscale ACL also act as my Firewall?

Related topics