Connecting a Windows client¶
This documentation has the goal of showing how a user can use the official Windows Tailscale client with
Add registry keys¶
To make the Windows client behave as expected and to run well with
headscale, two registry keys must be set:
HKLM:\SOFTWARE\Tailscale IPN\UnattendedModemust be set to
stringtype, to allow Tailscale to run properly in the background
HKLM:\SOFTWARE\Tailscale IPN\LoginURLmust be set to
<YOUR HEADSCALE URL>as a
stringtype, to ensure Tailscale contacts the correct control server.
You can set these using the Windows Registry Editor:
Or via the following Powershell commands (right click Powershell icon and select "Run as administrator"):
The Tailscale Windows client has been observed to reset its configuration on logout/reboot and these two keys resolves that issue.
For a guide on how to edit registry keys, check out Computer Hope.
Download the Official Windows Client and install it.
When the installation has finished, start Tailscale and log in (you might have to click the icon in the system tray).
The log in should open a browser Window and direct you to your
If you are seeing repeated messages like:
headscale output, turn on
DEBUG logging and look for:
This typically means that the registry keys above was not set appropriately.
To reset and try again, it is important to do the following:
- Ensure the registry keys from the previous guide is correctly set.
- Shut down the Tailscale service (or the client running in the tray)
- Delete Tailscale Application data folder, located at
C:\Users\<USERNAME>\AppData\Local\Tailscaleand try to connect again.
- Ensure the Windows node is deleted from headscale (to ensure fresh setup)
- Start Tailscale on the windows machine and retry the login.