Docs / Install

Getting Started with Tailscale

Welcome! Follow the steps below to create your own private Tailscale network.

Step 1: Sign up for an account

You can sign up for a Tailscale account online.

Tailscale requires a Single Sign-On (SSO) provider, so you’ll need a Google, Microsoft, Okta, OneLogin, Ping, or other supported auth provider account to begin.

Step 2: Add a machine to your network

In order for Tailscale to be useful, we need to add a machine to your network. Each machine needs to run some client-side software. We support popular platforms like Linux, Windows, macOS, iOS, and Android. Download and setup Tailscale on a machine by following the link below.

Step 3: Add another machine to your network

You just added your first machine to your Tailscale network. However, a network with only a single machine is somewhat lonely. The power of a network is only fully realized as more machines are added. You can add more machines you manage to your network by repeating step 2 or by inviting others to join your network.


Next steps

Congratulations! You just created your own private Tailscale network!

Once you have a network of multiple machines established, that’s when all the fun and excitement begins. Tailscale provides each machine on the network with a unique 100.x.y.z IP address so that you can establish stable connections between machines regardless of where those machines are located in the world, regardless of whether they switch between different internet-accessible networks (e.g. home Ethernet, coffee shop Wi-Fi, or a cellular hotspot), and regardless of whether they are behind a firewall.

Tailscale allows you to connect to any machine in your network, from anywhere in the world, over any standard network protocol. To help spark your imagination of how you can powerfully use Tailscale, here are some ideas:

  • Remotely administer a computer from anywhere. This can be over teletext protocols such as Secure Shell (SSH) and Telnet, or over graphical protocols such as Microsoft Remote Desktop Protocol (RDP) and Virtual Network Computing (VNC).
  • Send/receive files to/from a Network Attached Storage server over protocols such as File Transfer Protocol (FTP), Microsoft Common Internet File System (CIFS), or Network File System (NFS). Media files can be viewed from players such as VLC, Jellyfin, OSMC, Kodi, Plex, or Universal Media Server.
  • Host a private server for you and your peers. Use it to play Minecraft together or chat together on Discord.
  • Host a private VS Code server for you to remotely write code from any machine, but stored on a centralized machine.
  • Keep your internet activities private while operating on an untrusted network, such as one provided by a coffee shop Wi-Fi. All your network can be configured to be routed through a machine that you trust, by setting it up as an exit node.
  • Quickly share prototype servers with other colleagues without needing to wrangle with firewall settings.
  • See the Solutions or Guides pages for more ideas.

Note that historically insecure protocols like Telnet, VNC, FTP, HTTP, etc. become secure over Tailscale since all traffic is encrypted under the hood using WireGuard.

To manage the machines in your Tailscale network, visit the admin console. Many of the advanced features of Tailscale are configured from this panel.


Advanced features

DNS in Tailscale

Tailscale provides each device on your network with a unique IP address that stays the same no matter where your devices are. However, IP …

Subnet routers and traffic relay nodes

Tailscale works best when the client app is installed directly on every client, server, and VM in your organization. That way, traffic is …

Network access controls (ACLs)

Tailscale supports network access control rules, sometimes called ACLs. ACLs let you precisely define what a particular user or device is …

Last updated

WireGuard is a registered
trademark of Jason A. Donenfeld.

© 2021 Tailscale Inc.

Privacy & Terms