Two IPs for a host in the ACL file

Hi,
I set a route subnet, so it happens that I can get access to a few device either via their Tailscale network IPs or their real LAN IPs,

So, I was wondering if I can set two IPS for the same host in my ACL file. Something like this:

"hosts": {

"pc" : "192.168.20.100, 100.50.50.10",

My purpose would be that of denying access to “pc” from a few devices via the two IPs
I don’t know if just by setting only its Tailscale IP is going to work with its LAN IP as well. I hope I was clear. Thanks

Any chance to get an answer here sooner or later?
Thank you

According to the docs, each host entry can only map to an IP or an IP range:

 
Since your two IPs are in completely different ranges, your only resort is to give each IP its own name:

"hosts": {
  "pc-1": "192.168.20.100",
  "pc-2": "100.50.50.10"
}

 
 
Alternatively you could assign a tag to that PC and then refer to that instead.

From the docs:

Once a device has been tagged, it loses the access permissions of the human user who tagged it, and acquires any access permissions granted to its tags. In other words, if you log into a device as dave@tailscale.com and then tag it with tag:server , the device no longer has any of the network permissions granted to dave@tailscale.com , and instead is subject to the access rules for tag:server

 
 
And here it’s described how to set access controls for tagged devices: