Getting started with Tailscale

The goal of this document is to introduce you to a basic Tailscale deployment that you can modify and extend to build your own, personal Tailscale network using your email address.

The free trial is limited to accounts for simplicity. Using other domains requires some administrative work to configure our authentication provider integrations, which is possible for “full” installations upon request. Please contact us if you'd like to set up a multi-account Tailscale trial for your company's domain.

Note: NAT traversal support is still under development. While it works in many cases, for now it is best if you employ at least one Tailscale node on a device or cloud instance with a publicly accessible IP address.

Installing on macOS

Download “Tailscale” from the macOS App Store. Launch the app and accept the prompts to install a VPN configuration and add entries to your Keychain. Note the "Ts" item in the top menu: Click “Log... Read more

Installing on iOS

Download “Tailscale” from the App Store. Launch the app and accept the prompts to install a VPN configuration and allow push notifications. (Push notifications serve to alert users that they need... Read more

Installing on Windows

will need one or more Windows computers (Windows 7 or higher, 32 or 64-bit). Download and execute the staging installer, which contains extra configuration options for testing: tailscale-ipn-staging... Read more

Installing on Amazon Web Services (AWS)

will need: Access to an AWS console (with permission to create/launch VPCs and EC2 instances). At least one Windows, Linux, macOS, or iOS device with which to connect to the new AWS instance... Read more

Configuring subnet routing on Linux

subnet routing feature facilitates incremental deployment by allowing a single agent to grant access to entire subnets (and not just a single machine). For instance, a relaynode deployed on the NAT Instance... Read more

Configuring ACLs and security policies

This feature is still experimental and will be expanded to support more advanced policy definitions. We welcome comments about how users would like this to work. Currently, ACLs can be defined... Read more


and macOS devices on the same network may have trouble connecting via Tailscale unless the router supports hairpinning (NAT loopback). Work is underway to improve support for this use case. Read more