Hello,
I’m using tailscale package 2024-08-29-86e6c88ad1-1 on a RUTX11. I need to identify who is trying to connect to devices in the LAN from Tailscale network.
But packets source adress are always replaced by the one of the RUTX when going to the LAN, so I always see the RUTX11 address and can’t apply policies on my devices based on the source address.
Firewall rule Masquerading Tailscale > LAN is desactivated.
Is there any way to activate --snat-subnet-routes=false when launching tailscale up? Can you add an option to activate or not snat-subnet-routes option or do not replace SNAT when Masquerading option is desactivated?
Maybe I did the thing wrong but I don’t see how to make it work.
Thank you for your help,
Benoit.