acidrain
Executive Member
Is anyone who is using headscale with ACLs able to shed some light on a problem, or more so a solution?
Firstly I have 2 advertised routes.
192.168.88.0/24 (Home)
192.168.0.0/24 (Office)
On Tailscale I was able to give a specific IP on the 0.0 network access to the 88.0 network (enabling only my work PC access to my private net). The computer is not connected via the app and I don't really want to go that route.
When inputting the same rules into the headscale ACL file, it does not seem to work and the PC has zero access.
ACL code below:
Code:
{
  "groups": {
    "group:owner": ["user1"],
    "group:routers": ["opnsense", "rpilogic"],
    "group:work": ["user2", "user3"]
  },
  "acls": [
    {"action": "accept", "src": ["group:owner"], "dst": ["*:*"]},
    {"action": "accept", "src": ["192.168.0.20"], "dst": ["*:*"]},
    {"action": "accept", "src": ["192.168.88.0/24"], "dst": ["*:*"]},
    {"action": "accept", "src": ["group:work"], "dst": ["192.168.0.175:*"]}
  ]
}
So it appears, in the interim, this type of functionality might not yet be available, but I may be wrong.