Tailscale Reviews

We use Tailscale because we work for so many companies and each company has their own way of allowing their employees to connect to their infrastructure. We use Tailscale primarily for this purpose. For example, if there are Kubernetes clusters and engineers need to connect to the cluster to run their local applications against it, they connect using Tailscale. Additionally, we sometimes establish connections between on-premises and cloud environments. The first case involves ensuring that clients' employees have access to resources such as Kubernetes clusters, and the second case involves making connections between on-premises and cloud infrastructure, which makes it easier to connect.

Let me give you a quick simple example of how I've used Tailscale for one of my clients. One of our clients wanted their engineers to be able to connect to the cluster internally instead of going through the public internet. We introduced them to Tailscale and set up the tailnet in Tailscale. The tailnet in Tailscale enabled us to install a Tailscale operator on each cluster. For instance, if our client has ten clusters, we install the Tailscale operator to expose the subnet router of each environment to the tailnet. Users can connect to the tailnet, and since the subnet router is already exposed to the tailnet, they can have access to their clusters through the subnet routers that are already exposed to the tailnet. This is how they can connect to the Kubernetes cluster. The reason is because we don't want users to connect through the public internet, and in the setup of the Kubernetes cluster, we only allowed one or two specific VPN connections. The only way we can allow employees to connect is through the tailnet. We installed a Tailscale subnet router on each cluster, which exposed the cluster VPC and networks in the tailnet. When employees connect to the tailnet, since the subnet router is already exposed to the tailnet, they can connect through the tailnet.

There is another scenario where clients are trying to access their on-premises data to the cloud. Instead of using a cloud VPN, which would be a headache and could cost a lot, we decided to use Headscale. Headscale is similar to Tailscale because Tailscale is the enterprise version while Headscale is the open source alternative. We set up Tailscale for them on-premises and on the cloud. We set up a Tailscale tailnet on the cloud, and we set up a subnet router on-premises and another subnet router on the cloud. Both subnet routers will connect to the tailnet on the cloud and expose their VPCs. The one on the cloud will expose its VPC to the tailnet and the one on-premises will expose its VPCs to the tailnet. Machines on-premises can connect to machines on the cloud through the tailnet connection. The machine in the tailnet that is on-premises serves as a subnet router, and the one on the cloud also serves as a subnet router that routes traffic from the cloud to the tailnet, while the one on-premises serves as a subnet router that routes traffic from the on-premises to the tailnet.

When a connection needs to be established, for example from the cloud to the on-premises, we create a routing policy that says if you want to talk to a specific IP which is on on-premises, go through the subnet router. The same thing applies with the on-premises as well. If you want to talk to a specific IP on the cloud, go through the on-premises subnet router. This way, it connects to the tailnet which has exposure of the cloud IPs, and the connection is made.

I would say one of the best features Tailscale offers is the ACL, the Access Control List. Tailscale has positively impacted my organization very well. We don't have any VPN issues or VPN connection issues typically, and we don't really maintain them. We just make sure the tailnet is available. Tailscale has really helped in terms of security because users can be in another part of the world. Instead of them connecting to the company environment through the local network there, they can switch on their Tailscale and once they switch on their Tailscale, they don't have to connect over their internet; they just go through Tailscale to access company infrastructures. In terms of security, it is very good.

I would say that in terms of Tailscale, if I have so many tailnets I need to connect to, there are some issues in the login process that need a little bit of attention from the Tailscale team. Sometimes, you would probably need to restart your entire system for it to connect. As a DevOps as a Service engineer, I have so many clients that are using Tailscale, and I would need to connect to maybe five different tailnets because they are different clients. Client A might have a Tailscale, Client B, Client C, and so on. When changing between tailnets, sometimes it hangs. Sometimes you might need to restart your entire system. This is a bit of a headache in that aspect. However, I believe if you are just using a particular tailnet, just one, then it is quite easy and there won't be any headache. For me, I think it can be improved in the aspect of having multiple tailnets to connect to. A good refresh on the Tailscale side and the backend side to refresh the connection anytime there is a new connection to be made would be helpful. Instead of needing to restart the system, it should be able to refresh itself. The connection side and connecting to multiple Tailscale instances can be problematic, and sometimes you have to restart your system when switching between them.

The ACL sometimes is like another language on its own entirely. It is fine, but they need to make it in a YAML format instead of the current format because it is quite new and something you have to go and study. If they can make it like a YAML format, that would be better.

Aside from the switching which I mentioned and the fact that you have to relearn their ACL, if the ACL could be in a YAML format instead of JSON format, that would be beneficial. I don't think there is much they can do about the switching of tailnets, but if they can have a YAML format of the ACL, that would be good. Every other thing is a ten out of ten. The connection-wise is easy to set up and easy to install. It is good to have things connected all together from on-premises, from so many environments, and even exit nodes as well. It is good overall.

The pricing, I think Tailscale can be a little bit on the higher side. It is not for teams with just small users. If you want to set it up for small users and a small startup, I don't think you can afford it and might need to go to other open-source alternatives. It is good for teams that have maybe fifty plus users or one hundred users. In terms of pricing, I would say it is on the higher side, but it is worth it. The price is worth the functionality. As a user, I would say it is more on the higher side, but based on its functionality, it is worth the price.

I have been using Tailscale since I joined CloudKites, which is almost three years now. I would say three years.

Tailscale is very stable. I haven't had any issues with it, and it has always been stable. It is good.

Tailscale is a SaaS platform, so Tailscale scales it themselves. This is why, as I said earlier, I don't have any issues with stability, as it scales on their end. However, if I am installing a subnet router, scaling it is also easy. You probably just need only one pod or one node to expose your VPC or your network to the tailnet. In terms of scalability, there is no issue there. It is a ten out of ten.

Tailscale customer support is cool, but we miss the human interaction. The support is all right.

Tailscale customer support is very good. They always want to help every time. I would give it a ten out of ten.

Previously, we have used a cloud VPN. I think it can be a little stressful, especially if you have so many environments to maintain. It is not combined into one. If you have ten clusters, you have to maintain them individually. There is no single interface where you can manage all ten cloud VPNs; you have to be managing them separately.

As I mentioned, we have explored cloud VPN. There is another one I have heard about which is NordLayer. I haven't tried it, but I think it is just purely a VPN. It is not something that you can use to expose subnet routers, exit nodes, and other features that Tailscale offers. I think it is just a pure VPN. Personally, cloud VPN is the only one we have explored, but it does not have enough capabilities compared to Tailscale.

I think Tailscale has shown a return on investment in terms of time saved because it is a SaaS platform. It provides time savings instead of maintaining a VPN. You just make sure you have a Tailscale account, then you install the subnet router or exit node on any of the environments you want to use it on. You just set them up and you should be good.

I would tell others looking into using Tailscale to go ahead if they can evaluate their infrastructure setup or how they want employees to access that infrastructure, and if they have their finances for it, then sure, you can go. Tailscale is a very good product for companies and teams generally, particularly for infrastructure, DevOps teams, and developer teams. It is very good for them. They should go ahead and use Tailscale. However, if money is going to be an issue, they can look into open-source products. However, with open-source products, you still have to maintain the infrastructure on how you set up the tailnet. Aside from that, go ahead with Tailscale if you don't want to manage the infrastructure of your entire tailnet. Just use the normal Tailscale product.

Personally, I don't really have much other improvement to suggest. It is cool the way it is. Aside from the two things I mentioned regarding ACL format and multiple tailnet switching, Tailscale should be solid.

I don't have much else for Tailscale. I just think it is a good product for people to use, especially if they want to make sure the connectivity is secured, and if you want to establish connections in many ways that are possible. Overall, I give Tailscale a rating of eight out of ten.

I have multiple use cases for Tailscale. My primary use case is providing secure remote access to internal servers, cloud workloads, and development environments without exposing services to the public internet. Tailscale replaces traditional VPN solutions and enables secure device-to-device connectivity using a Zero Trust networking model.

We deployed in a hybrid model connecting on-prem servers to private network resources with workloads in the public cloud, allowing secure access across environments without exposing services to the internet.

The most valuable features are the Zero Trust architecture, peer-to-peer connectivity using WireGuard, easy deployment and setup, access control for granular permissions, single sign-on, subnet and routing, exit nodes, and cross-platform support.

I rely mostly on subnetting and routing in Tailscale because it allows seamless access to internal network resources without installing clients on every device, which greatly simplifies daily operations and improves workflow efficiency. Tailscale stands out for its simplicity and fast deployment with strong identity-based security, which makes it both easy to manage and highly reliable for everyday use.

Since implementing Tailscale, we have seen improved remote access reliability, reduced VPN maintenance overhead, faster onboarding for new users, and stronger security through identity-based access controls, all while significantly lowering the administrative workload.

Tailscale could be improved with more advanced network visibility and monitoring tools, cleaner pricing tiers for scaling teams, and enhanced built-in reporting for device posture and controls for enterprise environments. I would like to see Tailscale offer more intuitive access control list management for large environments, deeper analytics for traffic insights, smoother troubleshooting diagnostics within the admin console, and more flexible pricing as device and user accounts grow.

I would rate Tailscale an eight out of ten for simplicity, strong security model, and ease of deployment, with minor improvements needed in enterprise-level visibility and pricing flexibility.

I have been using Tailscale for the past two months.

The scalability is straightforward and easy to use, but based on the device count, the cost increases.

Customer support is good, and I have nothing to complain about.

Previously, we used an IPsec-based VPN solution, which we switched to Tailscale because managing VPN servers, firewall rules, and user access became time-consuming and complex. We needed a simplified, more scalable Zero Trust approach for remote and cloud-based access.

The initial setup has been straightforward and predictable with the per-user subscription model and no infrastructure or hardware setup cost, making the initial deployment inexpensive.

Since implementing Tailscale, we have seen clear return on investment by eliminating VPN server infrastructure costs, reducing remote access server setup time from hours to minutes, cutting VPN-related support tickets by around forty percent, and saving several information technology administration hours per week previously spent on firewall rules and connection troubleshooting.

We have seen clear return on investment since implementing Tailscale by eliminating VPN server infrastructure costs, reducing remote access server setup time from hours to minutes, cutting VPN-related support tickets by around forty percent, and saving several information technology administration hours per week previously spent on firewall rules and connection troubleshooting.

The setup has been straightforward and predictable with the per-user subscription model and no infrastructure or hardware setup cost, making the initial deployment inexpensive. However, the cost increases as user and device counts grow, especially when advanced features are required.

Before selecting Tailscale, we evaluated alternatives such as ZeroTier, OpenVPN, and native VPN options within Amazon Web Services. We chose Tailscale for its simplicity, faster deployment, and strong identity-based Zero Trust model.

My advice to others considering Tailscale is to start with a small pilot deployment, carefully design the access control list policies from the beginning, integrate with your identity provider early for better security control, and test subnet routing or exit nodes to fully understand how it can simplify your remote and cloud access architecture. I rate this product an eight out of ten overall.

My main use case for Tailscale is connecting me to my home lab, which serves as my front-end infrastructure, whereas I use ZeroTier for back-end infrastructure for connecting things such as IOT devices and personal servers.

A specific example of how I use Tailscale with my home lab is that it allows me to easily provide secure access from myself to my home lab while on the go. This does more than just connect me with my servers; it allows me to run all of my internet traffic on my devices while on the go through my router as the exit node, which allows me to use AdGuard as my DNS server and my home firewall. Overall, it makes me more secure on the go and prevents me from often having to use HTTPS on many of my personal services because Tailscale encrypts traffic already, making HTTPS sort of irrelevant in that specific use case.

The best features Tailscale offers are its encrypted tunnel and easy setup VPN, which are common across your space. I personally love two specific things that differentiate Tailscale: the automatic HTTPS setup, which means you don't have to deal with certificates or anything similar, and the ability to use exit nodes very easily, which is a super useful feature.

The automatic HTTPS setup and easy node management have helped me in my daily workflow because I have an automation on my iPhone that runs as soon as I disconnect from my home network, allowing me to tunnel my cellular data through Tailscale back to my home lab and run my router as an exit node. This means I can use AdGuard for my DNS to block anything from malware to ads in general. The HTTPS setup is super useful for another use case I had where I was building an AI German teacher for myself, allowing communication to happen because most browsers require HTTPS for such connections. Not having to set up certificates and simply using the Magic DNS URL with HTTPS on the Tailscale side was super time-saving and useful.

Tailscale positively impacts my organization because I can feel incredibly secure on the go without worrying about opening ports on any routers. It makes an incredible amount of sense for my use, and I wish I could use it more in my role at ADP, though they generally manage that externally through Cisco. But I give my sign-off to advertise to them.

The only improvement I see for Tailscale is that I would love to check out Headscale to fully host it on my own infrastructure. However, I think it is a really great product as is. It is easy to set up, and since it uses WireGuard on the back end, it is quite fast. I would love to see a diagram that gives me clearer visibility into how I connect to each node, as I often find I connect to non-direct routes to individual servers, and a visual representation of that would make it easier to visualize.

I have been using Tailscale for about five years.

Tailscale is stable most of the time, as I occasionally see dropouts. However, I appreciate receiving notifications about drops, which I almost never notice myself. Occasionally, I see on my router that the exit node has gone dark, but I don't notice that in practice.

Tailscale's scalability is very good, with the visibility and ability to access metrics making it easy to scale upward, although I have limited experience with that as I have under 100 devices, around 20.

I have never had to use customer support because the product is that good.

I previously used ZeroTier for my back-end services, and I think that is the number one one-to-one competitor within your space. I switched from ZeroTier to Tailscale for two reasons: it was much easier to set up Tailscale, and while ZeroTier still has value, Tailscale makes more sense for the speed, visibility, and overall functionality, especially with exit nodes being easier to use.

Tailscale is incredibly easy to use, and I will always sing its praises. It has made my life a lot easier. I was originally an early adopter of ZeroTier and championed that for a long while. Only in the past couple of years have I switched over to Tailscale, and it has been world-changing, making many things easier to achieve the security I was looking for on the go.

I generally work within a free tier, as there is no reason for me to step outside of that currently.

Tailscale has definitely made it so I don't have to incur additional costs. The ability to use your servers as relay servers instead of setting up my own Headscale server is the primary reason I haven't done so far, because it makes things easy and time-saving.

Before choosing Tailscale, I evaluated ZeroTier again. The only reason I haven't moved my entire infrastructure to Tailscale is cost. I can utilize free accounts on both Tailscale and ZeroTier, allowing me to build a back-end infrastructure for my family without paying for an entire organization account. ZeroTier operates on a device-based quota, while Tailscale uses an account-based quota.

A specific example of how I use Tailscale with my home lab is that it allows me to easily provide secure access from myself to my home lab on the go. This does more than just connect me with my servers; it allows me to run all of my internet traffic on my devices on the go through my router as the exit node, which allows me to use AdGuard as my DNS server and my home firewall. Overall, it makes me more secure on the go and prevents me from often having to use HTTPS on many of my personal services because Tailscale encrypts traffic already, making HTTPS sort of irrelevant in that specific use case. I would rate this product a 10 out of 10.

My main use case for Tailscale is connecting to company internal systems due to GDPR requirements. The company is located in Germany with private servers in Germany, and I stay in the UK, so I use it to connect a point-to-site VPN connection from my home laptop to the private servers in Germany. I use Tailscale to create a secure connection.

Apart from connecting to the internal systems, my main use case also provides a very nice interface with the CI pipeline. I connect Tailscale with my CI on GitHub Actions to allow me to do automatic deployments through the company's internal systems.

The best features Tailscale offers are really easy usability and a straightforward user experience. It is a one-click install where you select your servers that you want to connect to. The whole integration with GitHub Actions for CI is pretty good, and I use it a lot, so I am very confident in that.

The GitHub Actions integration stands out for me because it is not every day you see a seamless tool that can allow you to perform CI builds on private networks. I and the company have tried other options, and it was difficult, but Tailscale provided their action script, documentation, and simple authentication mechanisms using OIDC on GitHub Actions. Everything was straightforward to set up.

Tailscale has positively impacted my organization by allowing us to speed up development without worrying about GDPR restrictions. One of the things about GDPR restrictions is that we cannot allow data to leave the EU region or Germany. It was very easy for us to integrate GitHub with the whole CI pipeline, and it was a very positive impact. It allowed us to eliminate the stress for our CI and the stress of accessing internal systems from far away. So, it allowed us to focus on the development of the application part rather than struggling with how we are going to get this code deployed on certain servers while still following GDPR restrictions.

Tailscale could be improved in different ways. I have not really found any problem with it so far. It pretty much solved the problems of other VPN clients that we have been trying. If Tailscale provided a way to integrate with native cloud providers, such as AWS or other cloud platforms, it could be a very nice thing. For example, I want to connect my EC2 instance from AWS over my private Tailscale network. It could be a nice feature so I do not have to stress about the AWS VPC and all that. I could probably just port it over to my Tailscale network. I do not think they have a feature like that, but that would be fine.

I rate Tailscale an eight because I do not think it has any native cloud support with AWS tools such as EC2, GCP, and Azure. If they can find a way to do that, then it would be fine. One of the things that would actually make more sense is if Tailscale could find a way for us to use serverless compute over private networks. Private server functions or serverless functions probably would not be executed on non-EU regions. That is something I am thinking about.

I have been working in my current field professionally for four or five years.

Tailscale's scalability is good. It is scalable in the sense that we could add as many servers as we want to the network without any downtime from Tailscale. It is pretty fast. Even though I am making a request to the network, the extra hops are pretty much invaluable for network speed. I still get the best speed as possible even though the amount of network hops is two or three. I have to first make a connection to the Tailscale network and then from the Tailscale network to the actual underlying server. Apart from all of that, it is still pretty good. I would say it is really scalable, and I do not think I have ever experienced any downtime with Tailscale.

I have not really had any issues with customer support. I have not really contacted them. If the application is as fine as this, then the customer support should also be good.

Before I joined the company, there were several solutions being employed. The company used Teleport and there were a lot of VPN alternatives. There was Twingate and Teleport. We used Teleport before. When I joined the company, we brainstormed together, and I think that was one of the first tasks we did. We found a suitable solution that could handle all this easily, and Tailscale was the one that we picked. We figured out that it was very good.

My experience with pricing, setup cost, and licensing is that pricing was relatively fine. It had a generous free tier, and the pricing was okay. It is good for the amount of servers that we have. Setup cost was not much; it basically was zero setup cost. We probably just did it ourselves. The software was straightforward. We only had to pay for the amount of servers that were going to be able to enter the network. The company handled the licensing, I am not entirely sure about all the details.

We evaluated other options before deciding on Tailscale. We tried Twingate, and I do not remember what all the others were that they were using before. There was this NordVPN client that we could use to connect our servers together, but it was not really developer-friendly. There was Zscaler; we tried to use Zscaler, but it did not really get into what we wanted. They were all good options, but it was not what we wanted. We wanted developer-friendly documentation, access to the CI pipeline build, point-to-site VPN connections, and one-click install. I just install Tailscale, connect the servers, and that is all. I do not want to always be starting up the VPN client and finding my servers and trying to make that connection to them. In my system, I am always automatically connected to that network. Tailscale just provided everything that we needed.

My advice to others looking into using Tailscale is to definitely try it out because it is going to really abstract away a lot of network problems, especially when it comes to private networks, private systems, or internal systems in general. It is really going to abstract away a lot of the complexities. I rate this product an eight overall.

I mainly use Tailscale for remote access to my services. I have my whole server setup at home, which is a Proxmox cluster where I have a couple of services running on the backend, and I want to access those services remotely such as websites, some Docker containers, and some stacks. I install Tailscale on those applications so that I can access them remotely from my PC, whether at home or somewhere else. I turn on Tailscale and use it.

I have a mixed environment in my backend, which includes a couple of Windows VMs, all my servers being Linux-based, my Mac environment, my iPhone, and my MacBook that I bring outside, so I install Tailscale on those devices. I also have my router in pfSense where I install Tailscale as well.

I use Tailscale mostly on-premises to access all of my services. I could deploy it on cloud services such as AWS or Azure, but I already have my own environment, so everything is just within the premise.

I find troubleshooting to be very easy with Tailscale, as I turn it on everywhere I go, and I can access my services remotely and securely without worrying about a certificate or anything. Another advantage of Tailscale is that sometimes I need to be physically at home to troubleshoot or to do something for myself or for my business. Tailscale has this service called Exit Node, so when I am outside, I turn on Tailscale and enable the Exit Node. I install this in two devices in my home lab, allowing me to route my network through those devices even if I am physically outside, which means other companies see me staying at home doing my work.

MagicDNS is really good because I do not have to remember the IP address of all of my devices or services, and I also use split DNS as well, where some of the networking requests actually go through my pfSense router and bounce to some of the local devices that I have here.

One thing I want Tailscale to improve is their user interface for Arch Linux, which is one of the devices I have that I installed Tailscale on, but they do not have the native package with full features, a capability I really want them to develop. Another enhancement would be to allow a graphical interface for more power users. Sometimes I want to run things on the website or user interface, so I wish to control advanced access control lists with a good user interface, and that would really be helpful.

I have been using Tailscale for two years, and it has been going great.

Tailscale has been very stable in my experience, with no issues so far. I would suggest for other users that when you want to upgrade the service or the app for security reasons, sometimes Tailscale app, especially on iOS, might break, so it is better to see any updates and maybe wait for a couple of days for feedback before upgrading the apps.

Tailscale's scalability seems very good, as I install it and currently have around twenty or thirty apps running on my web admin in Tailscale. I believe Tailscale uses AWS services as a base, so I think they have no issues scaling up the services.

So far, I do not have any issues with Tailscale. If I do, I go to Reddit, which I think is one of the official channels for them, and there are a lot of Tailscale staff that respond in that channel, allowing me to ask questions there.

I had been using another service before, which is WireGuard, but the thing for WireGuard is that I had to open ports on my router to be able to use it remotely. Tailscale uses WireGuard technology, and the speed is the same, but the setup for Tailscale is very easy, which is a very good point.

Before Tailscale, I used WireGuard, but I had to open a hole in my firewall for port forwarding. After finding out that Tailscale is a very easy mesh P2P network, I completely switched to Tailscale because it is very easy.

I think Tailscale is very easy to use, and that is the best thing that I would add here.

I find the process of installing Tailscale on all those different devices fairly easy, where I just run a command, a CLI command, to install it. There are two ways: I either find the command by adding the device from Tailscale user interface, or I just run the command directly on the device, and they will give me a link to click to activate the device. However, one thing that I want to add for Tailscale is that sometimes I need a very simple user interface to control my services. Most of my devices can install it and have a native setup with a user interface, but I have Arch Linux on one PC, and I could not find the applications from Tailscale that natively support that app.

I notice a lot of time saved with Tailscale because it is very easy to set up, and I think it saves around forty percent of the time to turn on and manage my remote environment. Everything is pretty smooth.

Before choosing Tailscale, I evaluated other options such as Cloudflare, Cloudflare Zero Trust, and some services such as Headscale as well. However, when I bumped into Tailscale and tried it, it hooked me right away, primarily for its remote access, easy setup, and multi-environment support.

Tailscale has been helping my organization a lot, primarily for security, as I do not have to open up any port in my router, which is really helpful. There are other options to access my services and applications remotely, such as Cloudflare Tunnel, but that again exposes risk to the public. Even with their zero trust network, it still feels somewhat risky. However, for Tailscale, everything is encrypted in the mesh network, the speed is really good, and I really appreciate that. Tailscale also offers it for free for three users and up to one hundred applications or nodes, and I am still using that, which is really good. I think for others, if they want to try Tailscale, they can register for free first and try it out; there is no harm in that.

I am still using the free tier of Tailscale, but I have a lot of services under it. Pricing seems good because they offer, as I mentioned, up to three users and one hundred apps or services for free, so I am still trying it out, and the service and the speed are pretty good.

I recommend that Tailscale users take advantage of the offering of a free tier and try it first. I give this product a review rating of eight out of ten.

My main use case for Tailscale is mesh networking, wherein prior to Tailscale, especially on personal infrastructure, I needed to have a VPN setup that required port forwarding enabled from my ISP side. The main issue with that is that mostly ISPs do not provide static IP addresses as well as port forwarding on personal plans. The most important feature I have seen in Tailscale is its use of NAT traversal to enable internal network access to the outside world in a secure, peer-to-peer manner. Essentially, it replicates the corporate IT VPN infrastructure at a smaller scale, allowing anyone without much technical know-how to install and configure Tailscale. For example, if you want to connect to your home server and route all your traffic through it, that can be achieved simply by using the exit node option in Tailscale, which I find really impressive.

Furthermore, the Magic MagicDNS feature allows me to associate domain names with services running on each individual Docker container in my home lab, enabling access to them as dedicated websites within the Tailnet. If I disconnect from the Tailnet, I cannot access these services, adding another layer of security. I use TSD-Proxy for this, which is an add-on endorsed by Tailscale.

On the corporate side related to my project with Alliance, I have used Tailscale to mimic the corporate IT environment where everything is accessible only within the intranet, not the outside world.

During COVID-19, I collaborated with friends from different locations, one of whom was in the Gulf while I was in India. There was a scenario where I needed a personal VPN connected to a server in the Gulf to perform government-related tasks. My friend was not very technical, primarily being in commerce, but by explaining how to install Tailscale and enabling his laptop to act as a server and an exit node, I was able to get a seamless VPN connection without going through the ISP for a static IP or port forwarding, just one click. This was a very impactful personal use case.

On an enterprise level, I previously mentioned my project with Alliance, where the judges were really impressed with the mesh-to-mesh VPN demonstration that did not require much configuration. They even expressed interest in implementing it at a corporate level. Additionally, as mentioned, with Docker containers, there are various add-ons available. For an efficient setup, I recommend using TSD-Proxy alongside Docker containers, allowing for better management of exit nodes and accessibility settings based on flags set during container creation.

Tailscale has positively impacted my organization by enabling rapid prototyping, especially with junior teams collaborating from various locations. When accessing remote machines over SSH or protocols like RSTP for CCTV cameras, Tailscale allows us to establish a mesh VPN with just a few clicks. Otherwise, configuring a VPN server by ourselves would involve OpenVPN or WireGuard and obtaining permissions from ISPs, a considerable hassle, particularly when some team members are not technical, such as project managers. Tailscale has simplified collaboration significantly at the organizational level.

MagicDNS is one standout feature, along with role access control (ACLs) that enhances the security of my Tailnet. Plus, there is the usual multi-factor authentication, the ability to run exit nodes, and having one of my nodes function as a subnet router, allowing access to my internal LAN from the outside without hassle. Those are a lot of features. Moreover, you do not really need in-depth security knowledge to get started with Tailscale, and since it is an open-source project audited by many people globally, you can trust its foundation. Tailscale is based on WireGuard, a very secure protocol for VPNs.

With MagicDNS, I find it helps tremendously as I run multiple containers, making it hard to remember all the IP addresses. MagicDNS simplifies this by letting me configure domain names, enabling seamless access to web pages or services within my Tailnet in a short time. Secondly, ACLs help in deciding the permissions for exit nodes, allowing access only to specific resources they need, streamlining the process. For everything else, I can set the appropriate permissions in the ACL list without needing to be a network analyst.

Regarding improvements for Tailscale, it abstracts its internal workings from the end user, which is great for those not familiar with networking. However, I would appreciate a graphical view, perhaps through something Grafana, displaying how packets are transmitted, involved intermediaries, and current active nodes. This kind of feature would enhance user experience and technical awareness. A developer's mode versus a normal user mode could be beneficial, in my opinion.

I do not have any additional thoughts on the needed improvements besides those already mentioned.

I have been using Tailscale for almost two to three years.

Tailscale is stable; it has never given me downtime on their side, and if there is downtime, it is due to issues on our side, not from Tailscale.

Tailscale's scalability is impressive due to the available Docker images, offering numerous options across platforms. Scalability is not a concern at all, and platforms like Kubernetes can also utilize it, making it highly adaptable.

In terms of customer support, the product is so good that personally, I never needed to use customer support, although the networking team at my organization may have. However, for my use case, I have not had to reach out for support because everything is so seamless. Even hobbyists can find valuable information shared voluntarily in subreddits, so with such a quality product, individual customer support needs diminish significantly.

Before Tailscale, we used an OpenVPN server, but due to networking constraints and the difficulty in managing credentials among individual users or junior developers connecting from different locations, we opted for Tailscale and have been very satisfied with it.

I did not evaluate other options prior to choosing Tailscale; I had heard great opinions online, which made me fixated on it, and I am convinced I made the right choice since it has served me well for a long time now.

Since using Tailscale, we save time through the enhanced rapid prototyping it enables. Cost savings are also notable, especially personally, as static IPs or port forwarding often result in additional charges from ISPs. For someone interested in IT or as a hobbyist, Tailscale is a great option to explore VPN dynamics at an individual level. Furthermore, thanks to Tailscale, corporate companies no longer need to provide static IP or port forwarding capabilities for employees, which translates into significant savings, especially for larger companies with many employees.

I advise others considering Tailscale to go for it if their needs align with ours. There is no better option than this. Corporate VPN setups tend to be overly complex, and for small to medium enterprises, Tailscale is precisely what is needed. It is just great; go for it.

I use Tailscale to publish and as an SSH service. I secure my SSH port and then use Tailscale to SSH into my VPS. I also use Tailscale to serve private services on my VPS so my teammates can access them securely without exposing the port publicly.

Our VPS was attacked by a bot targeting our port 22 or SSH service. Our service is quite critical, so exposing it publicly would pose a danger to our services, especially our company's database. That is why I use Tailscale to secure all of our services.

I use Tailscale to secure our CI/CD pipeline as well. We do not use any SSH key anymore; we use Tailscale SSH instead. I can easily connect to a private VPS using Tailscale without needing to be there because Tailscale acts as a VPN.

The best features Tailscale offers that benefit me are the SSH services and VPN services, and how it can expose a service without publicly exposing the port or provide access control to which services are available to our teammates or made publicly available. Tailscale Serve and Tailscale SSH are the most useful features in my opinion.

We are able to share only a specific service with our teammates, which is basically a least privilege access. They will not be able to access the database, but they are able to access our monitoring log and other services.

The funnel is particularly handy. It is much similar to Cloudflare Tunnel, but it is from Tailscale. I would appreciate the ability for it to funnel many services from our VPS because as far as I know, it can only funnel one thing from our VPS, so one domain only. If you want more domains, you have to use a sidecar container, which is not quite convenient. If I were to request a feature from Tailscale, it would be to have a funnel that allows me to serve multiple services on our VPS.

Another feature I would request is a custom domain. I would like to customize my Tailscale domain other than funnel. Funnel lets you expose multiple services in your server and then you can customize the domain name for each of the services. Currently, I am only given the MagicDNS domain. If I could give Tailscale access to my DNS management, then Tailscale could customize that domain for our funnel services. I think that would be very helpful.

I am currently facing an issue where on my Mac, Tailscale does not allow me to log in to multiple accounts. It is quite hard to switch between accounts. I think that is quite critical and needs to be improved.

The desktop version on macOS does not allow me to switch between multiple accounts easily. It requires me to log in every time I want to switch accounts, and it actually creates another node for my laptop. Even though I have one laptop, it creates multiple nodes every time I switch accounts from A to B and B to A. When I switch back to my original account, it actually creates another node instead of reconnecting to the previously connected node.

I have used Tailscale for about one and a half years.

Tailscale is very stable and I have not noticed any downtime so far.

Currently, our organization is quite small, so I have not met any limits from Tailscale.

I have not reached out to customer support because I have been able to solve everything myself and from the documentation, so I have not needed to contact customer service.

I used fail2ban to block bots from brute-forcing our SSH service, but because it was not effective enough, I switched over to Tailscale.

Installing Tailscale does save time in managing the firewalls because I do not need to know much about firewalls, especially UFW, as I can just install Tailscale and our server connects instantly. This saves a lot of our time.

Tailscale definitely saves me a lot of time securing our server. I do not really need to install fail2ban or CrowdSec or modify our UFW firewall. I can just install Tailscale, close many ports, and then share them with my teammates. It is really time-saving and, of course, money-saving because Tailscale's free tier is very generous.

I have not reached out to customer support because I have been able to solve everything myself and from the documentation, so I have not needed to contact customer service.

Tailscale is very generous with pricing. I have not met the limit at which I need to upgrade my tier, so I am currently on the free tier and I do not think I need to upgrade because the free tier is more than enough and it is very generous.

I went directly to Tailscale.

It becomes much easier to share our services with our teammates without needing to handle the firewall directly. For security, it is indeed much safer now because we can close all of our ports and then just share the link to our machine with our teammates so they can access it using Tailscale VPN.

I would recommend trying Tailscale. Use the managed Tailscale service because its free tier is very generous, and then you can avoid modifying the firewall and completely migrate your entire infrastructure to using Tailscale VPN. I would rate this experience a 9 out of 10.

Tailscale provides us with the opportunity to have a work network. Since we are teleworking, we need to be able to have an internal data center without having to expose it externally to the Internet.

Tailscale's simplicity stands out as a key advantage. Our department has several profiles including developers, system architects, and CTOs, which allows us all to work on our own machines. We have a wide variety of people who work with Windows and Linux operating systems, and we can connect to our private network from a terminal. These services are hosted on a data center server and are connected in Docker. Tailscale's wide variety allows us to deploy the services both in Kubernetes clusters and directly on Linux server hosts, as well as in Docker containers, which lets us have a shared resource network without having to create complicated network routing rules. It even allows us to have our own DNS to redirect addresses that we select.

The great ease of being able to interconnect people who might not have a technical profile stands out as an advantage my team gets from using Tailscale for this type of integration and resource management. In the past, we used OpenVPN or Fortinet services, and with just a small installer, it is very easy and simple for employees to use the connection.

The best features that Tailscale offers are ease of use, ease of connection, and a fairly generous connection plan. It allows us to apply ACL policies, which is very beneficial. We do not need to add something extra to define access permissions per user, and that is vital at an organizational level. The console allows you to connect, and there is another interesting feature where you can invite users from other Tailscale networks, which is quite useful.

The ACL is very easy to understand and not as complex as older WireGuard systems. We can create IP ranges or define what kind of people or users can access which resources, which gives us a great deal of peace of mind about our infrastructure.

The most positive impact Tailscale has had on my organization is significant. While working with different providers such as AWS, Azure, or even on-premise, we found that having a single solution to interconnect all those different types of architectures was a complete challenge. Each provider gives its own VPN option, but it is not a scalable, standard, or universal solution. We started using WireGuard to conduct studies of this type, but maintenance became costly, and we always depended on having at least one exposed node to handle the routing or network rules. With Tailscale, the picture changed completely because it allows us, in a simple and native way, to install this type of service, even bypassing complex configurations. We have had situations where we have connection points through CGNAT with 3G routers, and Tailscale provides a solution that is quick, simple, and with very effective speeds, which has pleasantly surprised us.

I am currently testing the ability to expose to the WAN certain services that we select, which is in beta. I imagine it is still in development, but from the tests we have done, the connection outward is quite slow, which is a point of curiosity, and I hope that aspect can be improved.

At a basic level, Tailscale could improve the interface to enhance the user experience. Another potential improvement would be to provide Internet exit nodes that are faster. I understand that Tailscale is not a CDN as such, but they could try to achieve some technique that at least provides connections of ten megabytes per second, for example.

Tailscale uses certain flags, such as accepting routes or accepting DNS when logging in, which could be improved. For people who are technical, it is not a problem, but for those who are not as technical, providing this information or presenting it to the user in a simpler way so they understand what they are enabling or disabling could be beneficial.

I have been working with Tailscale for about four years personally for my personal platform, and then I have been using it professionally for around two years.

I consider Tailscale to be a stable solution. There are other services that I am curious to use because I do not know how they work, but for what we use it for—interconnection and networks—it is very stable.

My experience with Tailscale's scalability is optimal and very good. It is incredible that it can be connected on so many platforms, such as Docker, clouds, and operating systems.

Before Tailscale, we used OpenVPN, then WireGuard, and we also used Fortinet. Tailscale encompasses a very good balance for maintaining our own infrastructure.

I have been one of the people who, professionally when I worked at another company, proposed this solution. It seems too novel at first, and it appears that it may not be reliable. Fortunately, at the company I am currently at, they understand the essence of this product or service, which really allows us to save enormous amounts of time in onboarding users, configurations, and removing access quickly and safely. That is the main thing because when we looked at other solutions such as ZeroTier or WireGuard itself, they did not guarantee automatic refresh. With Tailscale, we do see that even the admin panel is very simple, even for non-technical people. It has reduced the complexity of onboarding and implementation by approximately sixty to seventy percent in time, for certain.

I have noticed a return on investment from using Tailscale, particularly in time. It has been something around sixty to seventy percent much less time. As for costs, even though I do not handle them, I understand that this reduces costs first because of the time that is spent, and second, in terms of infrastructure requirements, which are minimal. Previously, networks with FortiGate were used, and that forced us to spend on hardware. With Tailscale, that type of investment is not necessary.

Before choosing Tailscale, I evaluated other options, and there are many Tailscale forks, but we went directly with this solution because it is the Enterprise version.

Tailscale offers a solution that is already mature, proven and tested, and secure, where you can save costs and maintain a small, medium, or even large infrastructure. I would really appreciate the possibility that Tailnets, instead of giving a random name, would allow us to choose a name and type it. I can rename a Tailnet that it offers directly, but it does not let us write our own, and it would be beneficial if at some point this could be done. I would rate this product and service highly.

Honestly, my main use case for Tailscale is my home lab and being able to access my home network devices using a Zero Trust platform that's fully secure. It has been so useful, especially for sharing some of my self-hosted services with family and friends.

For example, I use Tailscale in my home lab by having it installed on all of my devices, like my personal laptop and PC, as well as on my servers. On my servers themselves, let's say I'm hosting a web page on port 3000. I could just use my Tailscale MagicDNS name and then the port, or I could just use the Tailscale IP and the port to access those web pages. So for example, I host things like VIQUINIA and some other things I can easily access. Another use case that I have for Tailscale in my home lab is I have it installed on my firewall, which is built with OPNsense. What I do is I have it set as an exit node and I also broadcast my entire subnet. So that way, it's as if I'm connecting to a regular VPN and have access to my full home network, not just the devices that have Tailscale installed on them. I can also funnel my traffic through my home network if I'm elsewhere. Since I have my own custom DNS set up, if I am using my network as an exit node, I get free ad-blocking wherever I go.

For my organization, we use Tailscale for our database as a secure way to access our VPC. It's really great. It's an easy way for everyone to connect and disconnect. Nothing clunky, nothing being left behind, very lightweight, very nice UI, and very useful. For my home lab, it has been great because there are services you want to host, but you don't want to expose them to the public network, and using Tailscale gives you a very nice way of actually accessing that without having to deal with exposing things to public ports. I also really appreciate Tailscale services, which I forgot to mention, which involves hosting a service on Tailscale itself.

Regarding metrics, I guess a lot of times it saves hours. Sometimes I forget something at home and if I use Tailscale, I can easily access my network and grab it, whereas usually I would have to drive back home. I feel that in itself is really huge.

The best features Tailscale offers are their free tier, which is amazing. Whatever it provides, I feel it's a very good amount for what it gives you. I would honestly even be open to paying if my needs expand from what I am currently using. I feel the Zero Trust networking thing is really great. I feel the ability to also integrate Mullvad VPN into your own Tailscale network and use that as an exit node is huge. It makes a very nice, seamless experience for VPN. Rather than having multiple clients, you just use Tailscale and that handles everything for you. I also appreciate the Tailscale drop feature. I feel that's very unique, kind of a global AirDrop with anything that has Tailscale. So it's a really simplified way of sharing files, not only over your local network, but over your Tailscale network, your virtual cloud.

A unique thing that I did, which at the time was an experimental feature, but now I believe it's fully out and available, is using Tailscale files. Essentially, I had a bunch of space on my server and I made a Tailscale share. So now if I ever go on any of my devices, I have a whole file section which I can actually just drag and drop to that location and it's kind of a shared Google Drive. Any of the old storage I had lying around, I was able to convert it into my own free cloud storage.

I would say I rely on just the regular Tailscale Zero Trust network the most in my daily workflow. I feel I have that on all the time and I'm accessing things when I'm not at home. Usually, when I'm traveling, it's when it's the most useful, but if I'm staying at home and working from home, it's not as useful because I'm connected to my same network. But for example, if I'm at my in-laws' house or if I'm outside at a library or coffee shop, it's very useful to have.

I feel the speed of the control servers are a bit too slow. I feel that's the main bottleneck right now for Tailscale. For example, at my apartment, I can do 2-gig networking, but when I connect via the exit node, and I'm wired in somewhere else, and that place also has 2-gig networking, I'm at max getting half of my speed. The main bottleneck here is really the control servers and the throughput of data.

I feel Linux needs its own UI client. I had to use a custom third-party one. That is a big thing as well.

To make it a 10, I mean, have better support for Linux. That's probably the main thing, honestly. Fix the DNS things too. There's some issues where I should be able to use my own custom DNS easily and then when you move MagicDNS starts causing problems, I should be able to just have my own custom DNS that links directly into Tailscale and assign each thing its own specific hostname. I feel that doesn't work as well as expected, or maybe you do provide that, but then it's kind of obfuscated through weird documentation.

I have been using Tailscale for about two years or a year and a half.

Tailscale is stable.

Tailscale's scalability is good.

It has been a really great product. Ever since I started using it, I got my family members to get on it and so many other people, and I very openly recommend it.

I looked at Netbird or something before choosing Tailscale.

I advise others looking into using Tailscale to start faster or look at the documentation.

Our main use case for Tailscale is to provide a VPN service where we can remotely log in or SSH into other devices on our network on Tailscale. We're using Headscale. We use it to perform updates, send information, ping certain cameras, and connect devices.

The company did use ZeroTier before, but we chose Tailscale for this use case because it has definitely been the better option of the two, providing faster service and easier installation.

I believe I have covered everything about our main use case. Tailscale is a very solid framework and is very useful for smaller companies if they want to start out or even bigger companies who want to have a robust network of devices that they want to manage.

The best features Tailscale offers are the web interface that allows you to see all of the networks, all the IPs that are active and whether they're offline or online. It is very useful when you have a lot of customers and different devices in different areas. The network connectivity feature is the best.

The web interface and network connectivity features help me in my day-to-day work because we can SSH into the device without knowing the public IP or having any other remote RDP services on that device. If we have the Tailscale IP, we're able to get into that device just as if it were on our LAN or as if it was wired. We use this capability day-to-day for devices all across the U.S.

Tailscale has positively impacted our organization by creating a streamlined appearance, and it is definitely apparent that it is one of the backbones of the company. Currently, if Tailscale goes down, our services are not operable. This has happened in the past but has been fixed multiple times. The newest version has fewer bugs than before.

I don't have specific metrics, but I definitely feel it is a lot faster going through the tickets using Tailscale and being able to troubleshoot on the network of the devices.

Tailscale could be improved by having a better way to troubleshoot. Sometimes our devices do go offline, but if we are able to have some sort of command where we can instantly turn off and turn back on the services at the IP, that would be great.

I believe that covers the needed improvements; it is already a pretty smooth experience.

I have been using Tailscale since I started my career, which was three years ago.

Tailscale is stable in my experience.

Tailscale is definitely very scalable. We haven't had any problems with our scalability, as we have over 300 to 400 devices that use Tailscale that we connect with and utilize on a daily basis.

I have not personally reached out to customer support, but I believe my manager may have when it went down one time.

We did use ZeroTier before; that was before I was employed, but some of our devices still have it installed. They marked up the price significantly, so we did not continue with them.

We deploy Tailscale on a private cloud using Headscale, and we use DigitalOcean to host the Headscale server so that we can use Tailscale on all the devices and connect them. We install Tailscale on the device and log in.

I haven't seen a return on investment with Tailscale based on metrics because we are not big enough to have the metrics or have time for the metrics, but on a personal note, it seems faster and is very streamlined.

I would tell others looking into using Tailscale to get it and use it. If they need an enterprise-level network, it is definitely one of the best solutions.

I was not involved in decision-making before choosing Tailscale; I am just utilizing the software, so I did not come up with the solution of Tailscale.

I rated this review a 9 out of 10.