Can I use Tailscale alongside other VPNs?

It depends. In most cases, you can’t use Tailscale alongside other VPNs.

In theory, it should work. Tailscale only routes a small subset of your internet traffic (100.x.y.z addresses and subnets), by default, leaving the rest for other VPNs to manage.

In practice, most VPNs set aggressive firewall rules to ensure all network traffic goes through them. They then drop all Tailscale traffic, which only Tailscale knows how to route. VPNs that don’t use aggressive firewall rules may be able to run alongside Tailscale.

On iOS, the system also enforces a limit of running one VPN at a time. Until this policy changes, running more than one VPN at a time on iOS is not possible.

We’re exploring ways we could work with other VPN providers to allow using Tailscale alongside other VPNs, but have no expected timeline to fix this.

Workaround: Split Tunnels

Some VPN providers, such as PIA, allow a “split-tunnel” configuration to bypass traffic for specific applications or addresses ranges. If your other VPN supports this, add the following IP address ranges for compatibility with Tailscale:

100.64.0.0/10
fd7a:115c:a1e0::/48

If you use subnet routes, be sure to add those routes to your split-tunnel configuration too.

When using exit nodes, the split-tunnel workarounds will not work, as Tailscale sets its own aggressive firewall rules to route all traffic to your exit node. Exit nodes only support one VPN at a time.

Last updated

WireGuard is a registered
trademark of Jason A. Donenfeld.

© 2023 Tailscale Inc. All rights reserved.
Tailscale is a registered trademark of Tailscale Inc.

Privacy & Terms