Complete Tailscale Setup Guide: Access Your Home Network From Anywhere

Tailscale is the easiest way to securely access your home devices from anywhere. This guide covers every setup option in detail - pick the one that fits your situation.

New to remote access? Start with our overview guide on accessing local devices from anywhere to understand your options.

---

What You’ll Need

• A free Tailscale account (sign up here)
• The device you want to access remotely
• A phone, laptop, or tablet to connect from

---

Quick Start: The Basics

The basic idea:

1. Install Tailscale on each device you want to connect
2. Log in with the same account
3. Done - devices can now talk to each other using their Tailscale IPs

---

Choose Your Setup

Pick the option that matches your situation:

---

Option 1: Direct Install

Best for: Computers, servers, or any device running a standard OS

Windows

1. Download the installer from tailscale.com/download/windows
2. Run the installer
3. Click the Tailscale icon in your system tray
4. Click Log in and sign in with your account
5. Done! Note your Tailscale IP (starts with 100.)

macOS

1. Download from the Mac App Store or direct download
2. Open Tailscale from Applications
3. Click the menu bar icon → Log in
4. Done!

Linux (Debian/Ubuntu)

# Add Tailscale's package repository
curl -fsSL https://tailscale.com/install.sh | sh

# Start Tailscale
sudo tailscale up

# Follow the link to authenticate

Linux (Other distributions)

Check the official Linux docs for Fedora, Arch, CentOS, etc.

---

Option 2: Raspberry Pi Bridge

Best for: Devices that can’t run Tailscale themselves (like some IoT devices, older hardware, or proprietary systems)

What You Need

• Raspberry Pi (any model - even a $15 Pi Zero W works)
• MicroSD card (8GB+)
• Power supply
• Network connection (Ethernet or WiFi)

Step 1: Set Up the Raspberry Pi

1. Download Raspberry Pi Imager
2. Flash Raspberry Pi OS Lite to your SD card
3. In the imager settings, enable SSH and configure WiFi if needed
4. Boot the Pi and SSH into it:

   ssh [email protected]

Step 2: Install Tailscale

# Install Tailscale
curl -fsSL https://tailscale.com/install.sh | sh

# Start Tailscale and authenticate
sudo tailscale up

# Copy the URL it shows and open it in a browser to log in

Step 3: Enable Subnet Routing

This allows you to access OTHER devices on your home network through the Pi:

# Enable IP forwarding
echo 'net.ipv4.ip_forward = 1' | sudo tee -a /etc/sysctl.conf
echo 'net.ipv6.conf.all.forwarding = 1' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p

# Advertise your local network (adjust the subnet if yours is different)
sudo tailscale up --advertise-routes=192.168.1.0/24

Step 4: Approve the Route

1. Go to Tailscale Admin Console
2. Find your Raspberry Pi
3. Click the … menu → Edit route settings
4. Enable the subnet route

Step 5: Access Your Devices

Now from anywhere, you can access devices on your home network:

• Your device at 192.168.1.50 is now reachable
• Just connect to Tailscale on your phone/laptop and browse to the IP

---

Option 3: Docker Container

Best for: Servers, NAS devices, or anywhere you’re already running Docker

Basic Docker Run

docker run -d \
  --name=tailscale \
  --hostname=tailscale-docker \
  --cap-add=NET_ADMIN \
  --cap-add=SYS_MODULE \
  -e TS_AUTHKEY=tskey-auth-xxxxx \
  -e TS_STATE_DIR=/var/lib/tailscale \
  -v tailscale-state:/var/lib/tailscale \
  -v /dev/net/tun:/dev/net/tun \
  --network=host \
  tailscale/tailscale:latest

Docker Compose

version: '3.8'
services:
  tailscale:
    image: tailscale/tailscale:latest
    container_name: tailscale
    hostname: tailscale-docker
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    environment:
      - TS_AUTHKEY=tskey-auth-xxxxx  # Get from admin console
      - TS_STATE_DIR=/var/lib/tailscale
      - TS_ROUTES=192.168.1.0/24     # Optional: expose local network
    volumes:
      - tailscale-state:/var/lib/tailscale
      - /dev/net/tun:/dev/net/tun
    network_mode: host
    restart: unless-stopped

volumes:
  tailscale-state:

Getting an Auth Key

1. Go to Tailscale Admin Console
2. Click Generate auth key
3. Enable Reusable if you want the container to reconnect after restarts
4. Copy the key and use it in the TS_AUTHKEY variable

---

Option 4: NAS (Synology/QNAP)

Synology DSM 7+

1. Open Package Center
2. Search for Tailscale
3. Click Install
4. Open Tailscale from the main menu
5. Click Log in and authenticate

Synology (Manual/Older DSM)

If Tailscale isn’t in Package Center:

1. Download the SPK from Tailscale’s package server
2. In Package Center, click Manual Install
3. Upload the SPK file

QNAP

1. Download the QPKG from Tailscale downloads
2. Open App Center → Install Manually
3. Upload and install

Enabling Subnet Routes on NAS

SSH into your NAS and run:

# Synology
sudo tailscale up --advertise-routes=192.168.1.0/24

# Then approve in the admin console

---

Option 5: Router Level

Best for: Accessing your entire home network without installing Tailscale on every device

Supported Routers

• OpenWrt: Native Tailscale package available
• OPNsense: Plugin available
• pfSense: Manual installation possible
• UniFi: Use a Pi bridge instead (UDM doesn’t support Tailscale directly)

OpenWrt Setup

# Install Tailscale
opkg update
opkg install tailscale

# Start and authenticate
tailscale up --advertise-routes=192.168.1.0/24 --accept-dns=false

Alternative: Pi as Router Gateway

If your router doesn’t support Tailscale, use Option 2 (Raspberry Pi Bridge) - it achieves the same result.

---

Setting Up Your Phone/Laptop (Client Side)

You’ll also need Tailscale on the device you’re connecting FROM:

iPhone/iPad

1. Download Tailscale from App Store
2. Open and tap Log in
3. That’s it!

Android

1. Download Tailscale from Play Store
2. Open and tap Log in

Desktop

See Option 1 above for Windows, macOS, and Linux.

---

Testing Your Connection

Quick Test

From your phone (on cellular, not WiFi):

# If you have a terminal app, ping your device
ping 100.x.x.x

# Or just open a browser and go to
http://100.x.x.x:port

---

Troubleshooting

”Connection timed out”

• Check both devices show as online in Tailscale admin
• Make sure you’re using the Tailscale IP (100.x.x.x), not the local IP
• If using subnet routes, verify they’re approved in the admin console

”Can’t reach local network devices”

• Subnet routes need to be explicitly approved in the admin console
• Check IP forwarding is enabled on the gateway device
• Verify the subnet range is correct (e.g., 192.168.1.0/24)

Slow connection

• Tailscale usually establishes direct connections, but sometimes traffic goes through relay servers
• Check connection quality: tailscale ping <device-name>
• If it says “via DERP”, there might be a firewall blocking direct connections

Service not starting on boot

# Linux: Enable the service
sudo systemctl enable tailscaled
sudo systemctl start tailscaled

# Then authenticate
sudo tailscale up

---

Useful Commands

# Check status
tailscale status

# Get your Tailscale IP
tailscale ip -4

# See all devices on your network
tailscale status

# Check connection to another device
tailscale ping <device-name>

# Disconnect temporarily
tailscale down

# Reconnect
tailscale up

# View/change advertised routes
tailscale up --advertise-routes=192.168.1.0/24

# Enable exit node (route all traffic through this device)
tailscale up --advertise-exit-node

---

What’s Next?

Once you have Tailscale running, you can:

• Access web interfaces of your home devices from anywhere
• SSH into servers without exposing port 22 to the internet
• Use your home network as an exit node (like a personal VPN)
• Share specific devices with family members using Tailscale sharing

Tailscale’s official documentation has even more advanced features like MagicDNS, ACLs, and Funnel.

Happy networking! 🔐🌐