Life on the edge: Networking challenges of AI deploymentsRead more
Get started
Login
WireGuard is a registered trademark of Jason A. Donenfeld.
© 2024 Tailscale Inc. All rights reserved. Tailscale is a registered trademark of Tailscale Inc.

Plans that work for everyone

Tailscale at Work

Starter

For teams or organizations looking for an easy-to-use, secure, legacy VPN replacement.

$6

Per active user/month

Get started free

Users and devices

  • Unlimited Users
  • 100 devices + 10 devices per user Need more?

Features

  • Limited ACLs
  • Standard user roles
  • ACL tags
  • Auth Keys
  • SSO with any IdP
  • Configuration Audit Logging
  • Webhooks

Premium

For companies who need service and resource level authentication and access control.

$18

Per active user/month

Get started free

Users and devices

  • Unlimited Users
  • 100 devices + 20 devices per user Need more?

Features

  • ACLs
  • SSO with any IdP
  • Network flow logging
  • Tailscale SSH
  • Tailscale Funnel
  • GitOps for ACLs
  • Advanced user roles
  • MDM Policies
  • Priority support

Enterprise

For companies who need advanced integrations, compliance and support for access control at scale.

Custom

Purpose-built for business

Contact Sales

Users and devices

  • Unlimited Users
  • 100 devices + 20 devices per user Need more?

Features

  • User & Group provisioning (SCIM)
  • Network flow logging with log streaming
  • Tailscale SSH session recording
  • Annual Billing
  • Pay By Invoice
  • Tailnet Lock
  • Advanced Device Posture Management
  • MDM Policies
  • Priority support
  • Additional Support Options

For any plan

Add-ons

Get more out of Tailscale with optional add-ons. Available on all plans. Head to the settings page to configure your add-ons.

Mullvad

Securely and privately browse the web with Tailscale + Mullvad. Learn more

$5

Per month for 5 devices

Manage add-ons

Additional devices

Add devices without adding more users to your plan. Learn more

$0.50

Per device/month

Get started

Tailscale at Home

Personal

For individuals who want to securely connect personal devices, for free.

$0

Per active user/month

Get started free

Users and devices

  • Up to 3 users w/ public domain
  • Up to 100 devices. Need more?

Features

  • Peer-To-Peer Connections
  • MagicDNS
  • Network, Resource-level, and Attribute-based Access Policies (ACLs)
  • User Approval
  • SSO with any IdP

Have any questions? Check out our product FAQ, licensing FAQ, or contact our sales team.

Pricing FAQs

Yes! Customers who want to use Tailscale for commercial use will get a 14-day trial* of the product with no user limit. Customers who use Tailscale for personal use cases (e.g., homelabs, home VPN etc.) will continue to have access to the free tier plan.

Please see here for how we separate personal vs business use cases.

*Offer terms and conditions.

Tailscale will charge you at the end of each month for all active users on your account during that time period.

We assume customers who sign up for Tailscale using a public domain (e.g., Gmail, Apple, personal GitHub etc.) fall under personal use. These use cases include playing games with friends, or securely connecting to anything from a DigitalOcean droplet to a Raspberry Pi, home security camera, or even a Steam Deck. These customers will automatically get access to the Personal (i.e., free tier) plan upon sign up.

We assume customers who sign up with a custom domain (e.g., @acme.com) will fall under the commercial use category. These use cases include securely connecting critical infrastructure - from production clusters, Kubernetes clusters, on-premise databases and more. These customers will get auto-enrolled into a 14-day trial* of the product. Personal users with custom domains can opt-out of the trial (see here for details).

If you sign up for Tailscale with your personal email domain (e.g., a Gmail or Apple email account) or if you explicitly opt-out of the trial, then we will assume you are using Tailscale for personal use. In this scenario, your Tailscale account is owned by you solely for your own personal use. These use cases include playing games with friends, or securely connecting to anything from a DigitalOcean droplet to a Raspberry Pi, home security camera, or even a Steam Deck.

If you sign up for Tailscale with your work email or other custom domains (e.g., @acme.com), then we will assume you are using Tailscale for commercial use. In this scenario, the Tailscale account is owned by the company or organization that owns and controls that email domain. Your use of Tailscale with this account is presumed to be for commercial purposes. These use cases include securely connecting critical infrastructure - from production clusters, Kubernetes clusters, on-premise databases and more.

Yes, you can opt out of the trial in the admin console. Once you end the trial, you will be on the Personal plan.

Please note, however, that the Personal plan is limited and is not intended for commercial use. If you sign up for Tailscale with your work email or other custom domains (e.g., @acme.com), then the Tailscale account is owned by the company or organization that owns and controls that email domain, regardless of which plan you are on.

Our Free plan offers the ability to add a maximum of 100 devices. However for our Starter, Premium, and Enterprise plans the total number of allowed devices increases as the number of provisioned users on the network increases. Device limits are pooled across the account.

For example: if you have 5 users on the Starter plan, you are entitled to 100 devices + (5 users x 10 devices each) = 150 devices. One user can have 30 provisioned devices and the remaining four users can each have 5 provisioned devices, leaving a pool of 100 devices for shared company resources (e.g. servers or file shares). Devices shared with you as a user don’t count towards your limit.

For example, if you sign up for the Starter plan and have 2 users, you are entitled to 120 devices. If you have 200 devices you want to add to your tailnet, you can purchase 80 more devices for your plan at $0.50 each, without needing to add more users.

ACLs allow your organization to adopt one of the core tenets of Zero Trust networking: least privileged access. Before joining your tailnet every user is authenticated using an identity provider (IdP) such as Okta, Azure AD, or Github. Organizations on certain plans can choose to segment their users into roles and groups (e.g. developer and engineering org) to apply policies at scale. ACL tags, the last piece to this puzzle, allow you to assign an identity to your devices. Once these pieces are in place, your teams can enforce least privilege access across your organization’s private network.

Customers on the Premium (and above) plan will get full ACL functionality. This includes having the ability to name individual users directly in ACL rules, the ability to create custom groups in the ACL file and the ability to name those custom groups in ACL rules. Customers in the Starter plans are are limited to the autogroups "admin" and "member" only. These are predefined roles created by Tailscale. Please see our ACL documentation for a more comprehensive explanation on ACLs and the Starter Plan ACL example for more information.

Not-for-profit organizations and educational institutions are eligible for a 50% discount. In order to receive the discount, you will need to provide documentation of your registered entity. Choose your plan on the Billing page of the admin console, then contact us to have the discount applied.

Try Tailscale for free

Schedule a demo
Contact sales
cta phone
mercury
instacrt
Retool
duolingo
Hugging Face