I believe the answer to your question is yes if i understand it correctly. it’s basically just a tunnel of IPs on the same VPN. for instance, I have my Umbrel, phone, and PC on it and i only can access each of them within the VPN and the IPs are only given through a tailscale interface, you don’t see them on any networks. I think that might be what you’re asking, but sorry if I missed it
Discussion
I don't think we're on the same page.
I run a VPN into my LAN so I can access any of my home machines from wherever in the world.
However, it would be cool to give my multisig cosigners access to, say, my private Nostr relay, by allowing them in but restricting their access to just the relay server's LAN IP. I don't want them to be able to see anything else inside my LAN.
