Skip to main content

Comprehensive Guide: Setting up Tailscale for Self-Hosting

Step 1: Install Tailscale Server

  • Download the Tailscale server binary for your platform:
  • Run the server with the following command: ./tailscaled --server-addr
  • This starts the Tailscale server on port 8345 and listens on all interfaces.

Step 2: Obtain Public and Private Keys

  • Generate a Tailscale network key pair: ./tailscaled --network-key-gen
  • Store the public key in a secure location for clients to connect.
  • Keep the private key confidential.

Step 3: Configure Clients

  • Download the Tailscale client binary for each device:
  • Run the client with the following command: ./tailscaled --node-addr <public_ip>:8345 --network-key <network_key_public>
  • Replace <public_ip> with your Tailscale server's IP address and <network_key_public> with the public key obtained in Step 2.

Step 4: Join the Network

  • Once clients are configured, they will join the Tailscale network and be able to communicate with each other over any network.

Step 5: Advanced Configuration (Optional)

  • Custom Network Name: Use --network-name <network_name> to assign a specific name to your Tailscale network.
  • Remote Access: Enable remote access by running ./tailscaled --remote-access on the server. This allows non-Tailscale devices to connect to the network using a VPN.
  • Authentication: Implement authentication using ./tailscaled --auth-file <path/to/auth_file> on the server. This requires creating an authentication file containing user credentials.


  • Use a static IP address for your Tailscale server to avoid connectivity issues.
  • Configure firewall rules to allow traffic on port 8345 for Tailscale communication.
  • Consider using a dedicated machine or container for the Tailscale server for better performance and security.

Further Resources:

Note: This guide provides a basic overview of the process. For more advanced configurations and specific scenarios, refer to the official Tailscale documentation and resources.