- If you imagine a fleet of tech-savvy users having corporate devices, you may imagine some of those users having a desire to use tailscale on their devices to connect to their own personal tailscale networks. (corporate devices connecting to personal networks).
- On the other hand, corporate network admins may not be so excited about allowing incoming connections from personal networks (desire to disallow incoming connections from personal networks).
- You may imagine a future where there’s an enterprise / corporate network with appropriate ACLs set up for all devices (possibly allow existing or future incoming connections from corporate / managed network, but not from personal networks).
Block incoming connections · Tailscale seems somewhat related but there’s no ability to enforce that as corp fleet owner.
I wonder if there would be ways to configure machines, e.g. to have some kind of
/etc/tailscale.conf configuration file that would allow incoming connections from particular networks only, and no other. (This file could be managed by corporate devices fleet owners)
I’m happy to open a relevant FR if that makes sense, but trying to inform myself first.