An IDS Decided Our Tailscale Was Malware
Some of our DC-hosted services would intermittently lose the ability to reach their own public URLs. A webhook from one internal service to another would hang. A health probe would time out. The logs at both ends showed nothing useful. It was always specific source/destination pairs. The VPS was reachable from the internet fine. From other parts of our network, fine. From most laptops, fine. From this DC host to that VPS’s public IP, TCP just timed out. No RST. Silent. ...