Hi, I use wireguard extensively and love that you have made it easy for people to get in and create their own wireguard networks without needing to be super technical.
My question is… can a user define ACLs that would allow access to an entire subnet rather than a specific host? In my current wireguard configurations I can run wg on linux, NAT that interface and allow hosts to a /24. This helps with devices that cannot run Wireguard directly but still allow users to access those services over the wireguard tunnel.
I’m looking to solve some hurdles for a client that would like to use your service but they have storage appliances that cannot accommodate a Tailscale install.