Security concerns
#291
Replies: 1 comment
-
|
This is old but maybe itll help someone in the future. For security purposes you could make acls in the access controls of tailscale. Split your tailnodes into two name groups. "Tailnodes" and "Tsdproxy-Nodes". Then add access rules so Tailnodes can access other Tailnodes with full access. Then add access to Tailnodes can access Tsdproxy-Nodes with full access, but not the other way around. Go back into your "Machines" tab and set all the Tailnodes with the acl tag "Tailnodes" and for the tsdproxy nodes set the acl tag "Tsdproxy-Nodes" You make source -> destination selections so itll be more clear in the visual editor. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hi there,
if you offer a service that delivers unencrypted HTTP traffic on the Tailscale network with tdsproxy, is it possible for tdsproxy to read this traffic? Do I have to trust the software author that this will never happen?
Many greetings,
Frank
Beta Was this translation helpful? Give feedback.
All reactions