Features
Last validated:
Access control
Understand the options available for access control in Tailscale.
Aperture by Tailscale
Monitor and secure LLM usage with Aperture by Tailscale.
Customize Tailscale using system policies
A list of configuration keys you can use to customize the Tailscale client using system policies, including MDM.
Device posture management
Use device posture for enforcing device rules in your tailnet.
Ephemeral nodes
Use ephemeral nodes in Tailscale for managing short-lived devices like containers and CI/CD systems.
Exit nodes (route all traffic)
Route all internet traffic through a specific device on your network.
Firewall mode in tailscaled
Learn about the different firewall modes supported by Tailscale on Linux devices.
Group devices with tags
Use Tailscale tags to authenticate and identify non-user devices, such as a server.
How app connectors work
Route SasS application traffic in your tailnet using app connectors.
Kubernetes operator
Learn how to expose your Kubernetes cluster to your Tailscale network.
Logging overview
Learn about Tailscale logging infrastructure.
macOS and iOS shortcuts
Learn how Tailscale works with the Shortcuts app, allowing you to automate tasks.
MagicDNS
Find out how to automatically register DNS names for devices in your Tailscale network.
Manage multiple tailnets
Manage multiple tailnets under a single organization.
OAuth clients
Use OAuth clients to provide ongoing access to the Tailscale API.
Secure node state storage
Encrypt Tailscale node state at rest.
Share your machines with other users
Learn how to give a Tailscale user on another tailnet access to a private machine within your tailnet, without exposing the machine publicly.
Site-to-site networking
Connect two subnets in your tailnet with each other.
Subnet routers
Use subnet routers to give devices outside your local network access to services within specific subnets. Extend your private network with Tailscale.
Taildrive
Share folders securely between devices on your Tailscale network.
Taildrop
Learn how to easily send files between your personal devices on a Tailscale network.
Tailnet Lock
Ensure that no node joins your tailnet unless trusted nodes in your tailnet sign the new node.
Tailnet policy file
Learn about the tailnet policy file.
Tailscale Funnel
Securely route internet traffic to local services using Tailscale Funnel.
Tailscale Peer Relays
Use Tailscale Peer Relays for client-to-client connections when direct connections aren't possible.
Tailscale Serve
Learn about the Tailscale Serve service.
Tailscale Services
Securely connect to and manage access to your internal resources using Tailscale Services.
Tailscale SSH
Use Tailscale SSH to manage the authentication and authorization of SSH connections in your tailnet.
tsnet
Use the tsnet package to embed Tailscale inside a Go program.
Use device posture for just-in-time access
Learn how to use device posture for just-in-time access to resources in your tailnet.
Viewing the list of endpoints on your network
Find out how to monitor and easily connect to the endpoints running on machines in your Tailscale network.
Webhooks
Set up a webhook to receive notification of events on your Tailscale network.
Workload identity federation
Use federated OIDC workload identities from third-party providers to authenticate requests to the Tailscale API.