we are using Tailscale on a day to day basis to securely manage access to our company network assets.
We are currently in the process of setting up a cooperating with a client who we are trying to convince to use Tailscale too.
We need to enable access for our employees to a specific computer on the customer network.
I see in the documentation that it is only possible for an admin user to accept invites from other networks. I don’t completely understand the logic behind this because by default an externally-allowed machine is isolated and not allowed to make connections to other machines in the network, but this is not really the issue.
The issue is that as far as I am aware it is not possible for an admin user to allow other users of the same tailnet to access a shared machine from another network.
My question is: how can I ensure that regular users of our own Tailscale network can access the machine on our customers Tailscale network, given that the machine is shared with an admin user of our own Tailscale network?