Tailscale - Pay as You Go

I mainly use Tailscale  for remote access to my services. I have my whole server setup at home, which is a Proxmox cluster where I have a couple of services running on the backend, and I want to access those services remotely such as websites, some Docker  containers, and some stacks. I install Tailscale  on those applications so that I can access them remotely from my PC, whether at home or somewhere else. I turn on Tailscale and use it.

I have a mixed environment in my backend, which includes a couple of Windows VMs, all my servers being Linux-based, my Mac environment, my iPhone, and my MacBook that I bring outside, so I install Tailscale on those devices. I also have my router in pfSense where I install Tailscale as well.

I use Tailscale mostly on-premises to access all of my services. I could deploy it on cloud services such as AWS  or Azure , but I already have my own environment, so everything is just within the premise.

I find troubleshooting to be very easy with Tailscale, as I turn it on everywhere I go, and I can access my services remotely and securely without worrying about a certificate or anything. Another advantage of Tailscale is that sometimes I need to be physically at home to troubleshoot or to do something for myself or for my business. Tailscale has this service called Exit Node, so when I am outside, I turn on Tailscale and enable the Exit Node. I install this in two devices in my home lab, allowing me to route my network through those devices even if I am physically outside, which means other companies see me staying at home doing my work.

MagicDNS is really good because I do not have to remember the IP address of all of my devices or services, and I also use split DNS as well, where some of the networking requests actually go through my pfSense router and bounce to some of the local devices that I have here.

One thing I want Tailscale to improve is their user interface for Arch Linux, which is one of the devices I have that I installed Tailscale on, but they do not have the native package with full features, a capability I really want them to develop. Another enhancement would be to allow a graphical interface for more power users. Sometimes I want to run things on the website or user interface, so I wish to control advanced access control lists with a good user interface, and that would really be helpful.

I have been using Tailscale for two years, and it has been going great.

Tailscale has been very stable in my experience, with no issues so far. I would suggest for other users that when you want to upgrade the service or the app for security reasons, sometimes Tailscale app, especially on iOS, might break, so it is better to see any updates and maybe wait for a couple of days for feedback before upgrading the apps.

Tailscale's scalability seems very good, as I install it and currently have around twenty or thirty apps running on my web admin in Tailscale. I believe Tailscale uses AWS  services as a base, so I think they have no issues scaling up the services.

So far, I do not have any issues with Tailscale. If I do, I go to Reddit, which I think is one of the official channels for them, and there are a lot of Tailscale staff that respond in that channel, allowing me to ask questions there.

I had been using another service before, which is WireGuard, but the thing for WireGuard is that I had to open ports on my router to be able to use it remotely. Tailscale uses WireGuard technology, and the speed is the same, but the setup for Tailscale is very easy, which is a very good point.

Before Tailscale, I used WireGuard, but I had to open a hole in my firewall for port forwarding. After finding out that Tailscale is a very easy mesh P2P network, I completely switched to Tailscale because it is very easy.

I think Tailscale is very easy to use, and that is the best thing that I would add here.

I find the process of installing Tailscale on all those different devices fairly easy, where I just run a command, a CLI command, to install it. There are two ways: I either find the command by adding the device from Tailscale user interface, or I just run the command directly on the device, and they will give me a link to click to activate the device. However, one thing that I want to add for Tailscale is that sometimes I need a very simple user interface to control my services. Most of my devices can install it and have a native setup with a user interface, but I have Arch Linux on one PC, and I could not find the applications from Tailscale that natively support that app.

I notice a lot of time saved with Tailscale because it is very easy to set up, and I think it saves around forty percent of the time to turn on and manage my remote environment. Everything is pretty smooth.

Before choosing Tailscale, I evaluated other options such as Cloudflare , Cloudflare  Zero Trust, and some services such as Headscale as well. However, when I bumped into Tailscale and tried it, it hooked me right away, primarily for its remote access, easy setup, and multi-environment support.

Tailscale has been helping my organization a lot, primarily for security, as I do not have to open up any port in my router, which is really helpful. There are other options to access my services and applications remotely, such as Cloudflare Tunnel, but that again exposes risk to the public. Even with their zero trust network, it still feels somewhat risky. However, for Tailscale, everything is encrypted in the mesh network, the speed is really good, and I really appreciate that. Tailscale also offers it for free for three users and up to one hundred applications or nodes, and I am still using that, which is really good. I think for others, if they want to try Tailscale, they can register for free first and try it out; there is no harm in that.

I am still using the free tier of Tailscale, but I have a lot of services under it. Pricing seems good because they offer, as I mentioned, up to three users and one hundred apps or services for free, so I am still trying it out, and the service and the speed are pretty good.

I recommend that Tailscale users take advantage of the offering of a free tier and try it first. I give this product a review rating of eight out of ten.

We use Tailscale  because we work for so many companies and each company has their own way of allowing their employees to connect to their infrastructure. We use Tailscale  primarily for this purpose. For example, if there are Kubernetes  clusters and engineers need to connect to the cluster to run their local applications against it, they connect using Tailscale. Additionally, we sometimes establish connections between on-premises and cloud environments. The first case involves ensuring that clients' employees have access to resources such as Kubernetes  clusters, and the second case involves making connections between on-premises and cloud infrastructure, which makes it easier to connect.

Let me give you a quick simple example of how I've used Tailscale for one of my clients. One of our clients wanted their engineers to be able to connect to the cluster internally instead of going through the public internet. We introduced them to Tailscale and set up the tailnet in Tailscale. The tailnet in Tailscale enabled us to install a Tailscale operator on each cluster. For instance, if our client has ten clusters, we install the Tailscale operator to expose the subnet router of each environment to the tailnet. Users can connect to the tailnet, and since the subnet router is already exposed to the tailnet, they can have access to their clusters through the subnet routers that are already exposed to the tailnet. This is how they can connect to the Kubernetes cluster. The reason is because we don't want users to connect through the public internet, and in the setup of the Kubernetes cluster, we only allowed one or two specific VPN connections. The only way we can allow employees to connect is through the tailnet. We installed a Tailscale subnet router on each cluster, which exposed the cluster VPC and networks in the tailnet. When employees connect to the tailnet, since the subnet router is already exposed to the tailnet, they can connect through the tailnet.

There is another scenario where clients are trying to access their on-premises data to the cloud. Instead of using a cloud VPN, which would be a headache and could cost a lot, we decided to use Headscale. Headscale is similar to Tailscale because Tailscale is the enterprise version while Headscale is the open source alternative. We set up Tailscale for them on-premises and on the cloud. We set up a Tailscale tailnet on the cloud, and we set up a subnet router on-premises and another subnet router on the cloud. Both subnet routers will connect to the tailnet on the cloud and expose their VPCs. The one on the cloud will expose its VPC to the tailnet and the one on-premises will expose its VPCs to the tailnet. Machines on-premises can connect to machines on the cloud through the tailnet connection. The machine in the tailnet that is on-premises serves as a subnet router, and the one on the cloud also serves as a subnet router that routes traffic from the cloud to the tailnet, while the one on-premises serves as a subnet router that routes traffic from the on-premises to the tailnet.

When a connection needs to be established, for example from the cloud to the on-premises, we create a routing policy that says if you want to talk to a specific IP which is on on-premises, go through the subnet router. The same thing applies with the on-premises as well. If you want to talk to a specific IP on the cloud, go through the on-premises subnet router. This way, it connects to the tailnet which has exposure of the cloud IPs, and the connection is made.

I would say one of the best features Tailscale offers is the ACL , the Access Control List. Tailscale has positively impacted my organization very well. We don't have any VPN issues or VPN connection issues typically, and we don't really maintain them. We just make sure the tailnet is available. Tailscale has really helped in terms of security because users can be in another part of the world. Instead of them connecting to the company environment through the local network there, they can switch on their Tailscale and once they switch on their Tailscale, they don't have to connect over their internet; they just go through Tailscale to access company infrastructures. In terms of security, it is very good.

I would say that in terms of Tailscale, if I have so many tailnets I need to connect to, there are some issues in the login process that need a little bit of attention from the Tailscale team. Sometimes, you would probably need to restart your entire system for it to connect. As a DevOps as a Service engineer, I have so many clients that are using Tailscale, and I would need to connect to maybe five different tailnets because they are different clients. Client A might have a Tailscale, Client B, Client C, and so on. When changing between tailnets, sometimes it hangs. Sometimes you might need to restart your entire system. This is a bit of a headache in that aspect. However, I believe if you are just using a particular tailnet, just one, then it is quite easy and there won't be any headache. For me, I think it can be improved in the aspect of having multiple tailnets to connect to. A good refresh on the Tailscale side and the backend side to refresh the connection anytime there is a new connection to be made would be helpful. Instead of needing to restart the system, it should be able to refresh itself. The connection side and connecting to multiple Tailscale instances can be problematic, and sometimes you have to restart your system when switching between them.

The ACL  sometimes is like another language on its own entirely. It is fine, but they need to make it in a YAML format instead of the current format because it is quite new and something you have to go and study. If they can make it like a YAML format, that would be better.

Aside from the switching which I mentioned and the fact that you have to relearn their ACL, if the ACL could be in a YAML format instead of JSON format, that would be beneficial. I don't think there is much they can do about the switching of tailnets, but if they can have a YAML format of the ACL, that would be good. Every other thing is a ten out of ten. The connection-wise is easy to set up and easy to install. It is good to have things connected all together from on-premises, from so many environments, and even exit nodes as well. It is good overall.

The pricing, I think Tailscale can be a little bit on the higher side. It is not for teams with just small users. If you want to set it up for small users and a small startup, I don't think you can afford it and might need to go to other open-source alternatives. It is good for teams that have maybe fifty plus users or one hundred users. In terms of pricing, I would say it is on the higher side, but it is worth it. The price is worth the functionality. As a user, I would say it is more on the higher side, but based on its functionality, it is worth the price.

I have been using Tailscale since I joined CloudKites, which is almost three years now. I would say three years.

Tailscale is very stable. I haven't had any issues with it, and it has always been stable. It is good.

Tailscale is a SaaS platform, so Tailscale scales it themselves. This is why, as I said earlier, I don't have any issues with stability, as it scales on their end. However, if I am installing a subnet router, scaling it is also easy. You probably just need only one pod or one node to expose your VPC or your network to the tailnet. In terms of scalability, there is no issue there. It is a ten out of ten.

Tailscale customer support is cool, but we miss the human interaction. The support is all right.

Tailscale customer support is very good. They always want to help every time. I would give it a ten out of ten.

Previously, we have used a cloud VPN. I think it can be a little stressful, especially if you have so many environments to maintain. It is not combined into one. If you have ten clusters, you have to maintain them individually. There is no single interface where you can manage all ten cloud VPNs; you have to be managing them separately.

As I mentioned, we have explored cloud VPN. There is another one I have heard about which is NordLayer . I haven't tried it, but I think it is just purely a VPN. It is not something that you can use to expose subnet routers, exit nodes, and other features that Tailscale offers. I think it is just a pure VPN. Personally, cloud VPN is the only one we have explored, but it does not have enough capabilities compared to Tailscale.

I think Tailscale has shown a return on investment in terms of time saved because it is a SaaS platform. It provides time savings instead of maintaining a VPN. You just make sure you have a Tailscale account, then you install the subnet router or exit node on any of the environments you want to use it on. You just set them up and you should be good.

I would tell others looking into using Tailscale to go ahead if they can evaluate their infrastructure setup or how they want employees to access that infrastructure, and if they have their finances for it, then sure, you can go. Tailscale is a very good product for companies and teams generally, particularly for infrastructure, DevOps teams, and developer teams. It is very good for them. They should go ahead and use Tailscale. However, if money is going to be an issue, they can look into open-source products. However, with open-source products, you still have to maintain the infrastructure on how you set up the tailnet. Aside from that, go ahead with Tailscale if you don't want to manage the infrastructure of your entire tailnet. Just use the normal Tailscale product.

Personally, I don't really have much other improvement to suggest. It is cool the way it is. Aside from the two things I mentioned regarding ACL format and multiple tailnet switching, Tailscale should be solid.

I don't have much else for Tailscale. I just think it is a good product for people to use, especially if they want to make sure the connectivity is secured, and if you want to establish connections in many ways that are possible. Overall, I give Tailscale a rating of eight out of ten.

I use Tailscale  to connect from outside my local network. I set it up on my server and on multiple clients, including my smartphone (iPhone), laptop, MacBook, and TVs, as well as my parents' TVs which are far from my home. Basically, all the devices that I use to connect to my server.

For the most part, I use it to connect to my media server, which contains a collection of media. I also use it as a DNS server. Since my server has DNS, it spreads to all the devices which I am connected to.

I also use it to connect via SSH to start other clients via Wake-on-LAN. I have been using it every day since June 2025, and it has never given me a problem. I also contacted support for some questions, and the support was great. I am actually really impressed by the product and its support.

The features that I love the most are the simplicity of setting it up. I can do it in about two minutes. I just download the app on the client, use a QR code or a key, and set it up. Another feature is Tailnet, which allows me to manage the devices and organize them.

Because I have been using it since June 2025 and never used it before, coming from a very basic level of knowledge, it was really simple to learn and set up. For me, using Tailscale  on all my devices is a definite choice.

I do not think there is anything that I wish would have been better because, honestly, for my use case, it has everything I need. I read that people complain about the maximum number of users that can use it under one account, but that is not my use case. For my use case, it has nothing more that I need. It has everything, and it is perfect for my use case.

I have been using Tailscale since I built my home server, which was in June 2025.

Tailscale is really stable.

Until now, with 20 devices, I still have not encountered any limitation. There is no limitation for now.

I only used customer support one time to ask a question that I do not remember, honestly, but the customer support is really great since they responded really quickly and provided very explanatory answers.

At my home, I never used any other service, but in my previous job, I used OpenVPN . However, it was already set up. I did not know how to set it up. It was a bit more problematic because it had connection problems, but I do not have much experience to analyze and talk about it.

Setting up a Tailscale environment took me maybe 10 minutes on the server and two minutes for every device. With about 20 devices, I set up all my environments in about an hour. If I had to use another VPN service, for example WireGuard, I can assume that it would have taken me far more than an hour, something like two hours at least. That is double the time, and Tailscale takes half the time to set up.

We were really engaged with this product. We talked about everything in my opinion, so I do not think there is anything that I would like to add to Tailscale.

As I said, I only use the basic license, so I cannot give any metrics on ROI. But if I had to think about a company or an organization that uses it, I would think that it surely gives a good ROI since it is really a good application and a good service.

Until now, all costs have been free. I never used a license. I never purchased or bought anything more than the basic free license.

I evaluated WireGuard, which I know is the base of Tailscale, but I chose Tailscale since it is more simple, as I said during this interview. That is the main and only reason I chose Tailscale over WireGuard bare metal.

For my use case, these are the main features that I use and have discovered so far. I do not think I have anything more to add in this area.

I would say to use it because, in my case, it really helped my organization with my setup. I would really suggest people use Tailscale if they ask me. I rate this product a 9.

Our main use case for Tailscale  is to provide a VPN service where we can remotely log in or SSH into other devices on our network on Tailscale . We're using Headscale. We use it to perform updates, send information, ping certain cameras, and connect devices.

The company did use ZeroTier  before, but we chose Tailscale for this use case because it has definitely been the better option of the two, providing faster service and easier installation.

I believe I have covered everything about our main use case. Tailscale is a very solid framework and is very useful for smaller companies if they want to start out or even bigger companies who want to have a robust network of devices that they want to manage.

The best features Tailscale offers are the web interface that allows you to see all of the networks, all the IPs that are active and whether they're offline or online. It is very useful when you have a lot of customers and different devices in different areas. The network connectivity feature is the best.

The web interface and network connectivity features help me in my day-to-day work because we can SSH into the device without knowing the public IP or having any other remote RDP services on that device. If we have the Tailscale IP, we're able to get into that device just as if it were on our LAN or as if it was wired. We use this capability day-to-day for devices all across the U.S.

Tailscale has positively impacted our organization by creating a streamlined appearance, and it is definitely apparent that it is one of the backbones of the company. Currently, if Tailscale goes down, our services are not operable. This has happened in the past but has been fixed multiple times. The newest version has fewer bugs than before.

I don't have specific metrics, but I definitely feel it is a lot faster going through the tickets using Tailscale and being able to troubleshoot on the network of the devices.

Tailscale could be improved by having a better way to troubleshoot. Sometimes our devices do go offline, but if we are able to have some sort of command where we can instantly turn off and turn back on the services at the IP, that would be great.

I believe that covers the needed improvements; it is already a pretty smooth experience.

I have been using Tailscale since I started my career, which was three years ago.

Tailscale is stable in my experience.

Tailscale is definitely very scalable. We haven't had any problems with our scalability, as we have over 300 to 400 devices that use Tailscale that we connect with and utilize on a daily basis.

I have not personally reached out to customer support, but I believe my manager may have when it went down one time.

We did use ZeroTier  before; that was before I was employed, but some of our devices still have it installed. They marked up the price significantly, so we did not continue with them.

We deploy Tailscale on a private cloud using Headscale, and we use DigitalOcean  to host the Headscale server so that we can use Tailscale on all the devices and connect them. We install Tailscale on the device and log in.

I haven't seen a return on investment with Tailscale based on metrics because we are not big enough to have the metrics or have time for the metrics, but on a personal note, it seems faster and is very streamlined.

I would tell others looking into using Tailscale to get it and use it. If they need an enterprise-level network, it is definitely one of the best solutions.

I was not involved in decision-making before choosing Tailscale; I am just utilizing the software, so I did not come up with the solution of Tailscale.

I rated this review a 9 out of 10.

My main use case for Tailscale  is remote access to devices across networks.

In my church context, I can give you a quick specific example of how I use Tailscale  for remote access: we have a Reolink doorbell that I access over the local network via the Reolink client apps or MPV, and it also has a cloud solution that is slow and unreliable. I use Tailscale to remotely connect to the doorbell and its NVR, and it is quick, nice, smooth, and great. Another example is in my homelab, where I have many devices in a rack, and I use Tailscale to connect to any of them for fast, reliable access since they can all be in one Tailnet. In the church context, I can use subnet routing to fully expose the entire subnet that the doorbell is on and access various other server computers remotely.

In the church context, I have a number of server computers running virtual machines on a Proxmox device, and I generally SSH into the Proxmox host or the virtual machines through Tailscale when I am outside of the church network. Tailscale gives me a list of all devices on the Tailnet, making it easy to copy the IP addresses and access everything flawlessly.

I would say the best features Tailscale offers are ease of use and ease of remote access. Compared to Tailscale's competitors that I have tried, such as ZeroTier , Tailscale allows you to access a device from another place in significantly less time. Tailscale is very fast, and WireGuard as a protocol is a great choice for a VPN solution because it is so quick, making things such as game streaming over Tailscale easy and fast.

Tailscale's security is fabulous, especially the access control features and the ability to use existing OAuth accounts for access. The user interface is very sleek and not cluttered, which I appreciate when I am on a device with a graphical interface or a command line interface. There are a couple of quirks with the command line interface that I believe are intentional design choices for the best.

Tailscale has positively impacted my organization by making the previously unusable doorbell with the cloud solution fast and reliable for remote access. Previously, conversations through it would be stuttery and hard to understand, with periods of no video feed. Tailscale fully fixed that issue. Accessing servers is easier, allowing me to SSH into the hypervisor or virtual machine seamlessly whenever I need to improve a feature or fix downtime issues. Tailscale managing the security for these critical functions is a beneficial aspect.

I do believe there are a couple of features and changes I would like to see with Tailscale. I initially got introduced to Tailscale in high school when I needed access to services running on my server, but due to deep packet inspection being in place, I could not use Tailscale. Tailscale's free plan effectively introduces people to the service, but I would love to see an anti-censorship VPN protocol implemented. When accessing my homelab, I usually have to resort to using VLESS host through 3X-UI, which is complicated. I would like Tailscale to provide more censorship-resistant options, such as Shadowsocks or VLESS, as fallback protocols.

I would like more anti-censorship protocols, such as VLESS or Shadowsocks, so I can effectively use Tailscale in environments with censored internet access that block WireGuard through deep packet inspection.

More anti-censorship VPN protocols are the main improvement I wish for. If Tailscale implemented these, I would use it for all my VPN needs and would likely use Tailscale entirely.

I have been using Tailscale for five years.

The user interface, documentation, and support for Tailscale are fabulous, and I have no complaints about the user interface. I might prefer a TUI instead of a CLI because I am often not using graphical applications, but the CLI is satisfactory. Overall, the interfaces are great, and the documentation is straightforward for setting up Tailscale on server devices. I only need to reference documentation for specific features such as enabling subnet routing.

My advice to others looking into using Tailscale is to do it; it makes remote access much easier.