Skip to main content

Tailscale Setup

Tailscale provides a secure mesh VPN connection between the on-premise IoT Adapter and ZenEdge in the cloud.

Why Tailscale?

No port forwarding — Works behind NAT and firewalls
End-to-end encryption — WireGuard-based VPN
Zero-config networking — Devices find each other automatically
MagicDNS — Human-readable hostnames (e.g., space-os.tailc029f9.ts.net)

Setup Steps

1. Create Tailscale Account

Create a Tailscale account at tailscale.com and generate an auth key.

2. Install on Raspberry Pi

curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up --authkey=tskey-auth-YOUR_KEY

3. Verify Connection

tailscale status
tailscale ip -4

4. Configure in ZenEdge

Register the Tailscale hostname in ZenEdge as the adapter endpoint:

https://space-os.tailc029f9.ts.net?device_id=ada-xxxxx

Network Architecture

Firewall Requirements

Tailscale requires minimal firewall rules:

Outbound UDP on port 41641 (direct connections)
Outbound HTTPS on port 443 (relay fallback)

No inbound ports need to be opened.

Next Steps

Configuration — IoT Adapter settings
Security — Hardening the deployment

Why Tailscale?
Setup Steps
Network Architecture
Firewall Requirements
Next Steps