OpenClaw's Tailscale Integration - Secure Remote Access
The Remote Access Problem
You have deployed OpenClaw on a server. Maybe it is a VPS from Hetzner, a machine in your home lab, or an instance running in your office. The agent is configured, skills are installed, and everything works when you are on the same network. Then you leave.
From a coffee shop, a hotel, or your phone on the train, you need to reach your OpenClaw instance. The dashboard, the webchat interface, the terminal, the API -- they are all running on your server, but your server is behind a firewall, on a private network, or has no public IP address.
The traditional solutions to this problem are unsatisfying. Exposing ports directly to the internet invites brute-force attacks, vulnerability scanning, and the constant anxiety of knowing that your server is visible to every bot on the planet. Setting up a traditional VPN (OpenVPN, WireGuard manually configured) works but requires significant networking knowledge, careful key management, and ongoing maintenance. SSH tunnels get the job done but are fragile, require an SSH client on every device, and do not work well on mobile.
Tailscale offers a fundamentally different approach, and OpenClaw's integration with it makes secure remote access straightforward.
What Is Tailscale?
Tailscale is a mesh VPN built on WireGuard. Instead of routing all traffic through a central VPN server, Tailscale creates direct, encrypted, peer-to-peer connections between your devices. Every device running Tailscale joins your personal network (called a tailnet), and every device on the tailnet can reach every other device as if they were on the same local network.
The key properties that make Tailscale relevant for OpenClaw:
Zero configuration networking. You install Tailscale on a device, authenticate it, and it joins your tailnet. No port forwarding, no firewall rules, no DNS configuration. Devices behind NATs, firewalls, and carrier-grade NAT all work without special setup.
WireGuard encryption. All traffic between devices is encrypted using WireGuard, a modern, audited, high-performance VPN protocol. The encryption is end-to-end between your devices, not terminated at a central server.
No exposed ports. Your OpenClaw instance does not need any ports open to the public internet. Tailscale establishes direct connections through NATs and firewalls where it can and falls back to its DERP relay servers where it cannot; relayed traffic is still WireGuard-encrypted end to end, so a relay only forwards ciphertext it cannot read. Your server's firewall can remain completely closed to inbound traffic.
Identity-based access. Access to devices on your tailnet is controlled by identity (who you are) rather than network location (what IP you are coming from). This is the foundation of zero-trust networking.
Why This Matters for Self-Hosted OpenClaw
Self-hosting is central to OpenClaw's philosophy. You own your infrastructure, your data, and your agent's capabilities. But self-hosting introduces a tension: the more locked down your server is, the harder it is to access remotely. The more accessible it is remotely, the larger your attack surface.
Tailscale resolves this tension. Your OpenClaw instance can be completely invisible to the public internet -- no open ports, no public DNS records, no exposed services -- while remaining fully accessible to you from any device on your tailnet.
This is particularly important for OpenClaw because of what your instance contains and can do:
Sensitive credentials. Your OpenClaw instance stores API keys, authentication tokens, and potentially access credentials for connected services. Exposing the management interface to the internet puts those credentials at risk.
Agent capabilities. Your agent has skills that can take real actions -- executing commands, reading files, making API calls, sending messages. Unauthorized access to your agent could mean unauthorized actions on your behalf.
Terminal access. OpenClaw provides in-browser terminal access to your server via WebSocket. This is extraordinarily useful for administration but devastating if an attacker gains access.
Personal data. Your conversation history, files shared with your agent, and the knowledge your agent has accumulated are all stored on your instance. Keeping this data accessible only through your tailnet adds a strong layer of protection.
How the Integration Works
OpenClaw's Tailscale integration is designed to be as simple as Tailscale itself. The concept is straightforward: install Tailscale on your OpenClaw server, configure OpenClaw to listen on its Tailscale interface, and access your instance using its Tailscale IP or hostname from any device on your tailnet.
Installing Tailscale on Your Server
Tailscale provides installation packages for every major Linux distribution. On an Ubuntu or Debian-based server (common for OpenClaw deployments on Hetzner and similar providers), installation involves adding Tailscale's package repository and installing the package.
After installation, you authenticate the device by running tailscale up, which prints a URL to approve the device in your Tailscale admin console. Once approved, the server joins your tailnet and receives a Tailscale IPv4 address from the 100.64.0.0/10 block (the CGNAT range, so always between 100.64.0.0 and 100.127.255.255) plus an IPv6 address and, if MagicDNS is enabled for the tailnet, a hostname within your tailnet's DNS.
Configuring OpenClaw to Use Tailscale
With Tailscale installed and running, you configure OpenClaw to bind to the server's Tailscale address instead of (or in addition to) its public interface. The bind address must be the Tailscale IP itself: a service bound to 0.0.0.0 (or ::) listens on every interface, the public one included. Bound correctly, OpenClaw's services -- the API, the dashboard, the webchat, the terminal WebSocket -- are only reachable through the Tailscale network.
If you want your OpenClaw instance to be exclusively accessible through Tailscale (the most secure configuration), you bind it only to the Tailscale address and also close all public-facing ports in the host firewall, so that a later change to the bind address cannot silently expose it. If you need some services to remain publicly accessible (for example, webhook endpoints that external services need to reach), you can selectively bind those to the public interface while keeping management services on Tailscale only. After any change, confirm what is actually listening (for example with ss -ltn) rather than trusting the configuration file.
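The check described above, as an added example that is not part of OpenClaw: it reads ss -ltn output and fails if any management port is bound to anything other than the server's Tailscale address or loopback. The Tailscale IP, the ss output and the function name are constructed for the example; the ports 1111 (dashboard) and 2222 (API) are the ones this article uses.

```bash
# Added example, not part of OpenClaw: verify that the management ports listen
# only on the server's Tailscale address. The Tailscale IP and the ss output
# below are constructed sample data; on a real server run
#   audit_listeners "$(tailscale ip -4)" "$(ss -Hltn)" 1111 2222

# Constructed `ss -Hltn` output. Line 3 is the mistake to catch: the API
# bound to 0.0.0.0, i.e. to every interface, the public one included.
SAMPLE_SS='LISTEN 0 128 100.101.102.103:1111 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 0.0.0.0:2222 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

# audit_listeners <tailscale_ip> <ss_output> <port>...
# Returns 0 if every given port is bound only to the Tailscale address (or
# loopback); otherwise prints the offending bindings and returns 1.
audit_listeners() {
    local ts_ip="$1" ss_out="$2" port addrs addr bad=""
    shift 2
    for port in "$@"; do
        # Column 4 of ss output is "Local Address:Port"; keep the address part.
        addrs=$(printf '%s\n' "$ss_out" |
            awk -v p=":$port" '$4 ~ p"$" { sub(/:[0-9]+$/, "", $4); print $4 }')
        for addr in $addrs; do
            case "$addr" in
                "$ts_ip"|127.0.0.1|"[::1]") ;;            # tailnet or loopback: fine
                *) bad="${bad}port $port on $addr; " ;;  # wildcard or public: bad
            esac
        done
    done
    [ -z "$bad" ] && return 0
    printf 'exposed beyond the tailnet: %s\n' "$bad"
    return 1
}

# Usage: with the sample data the dashboard passes and the API is flagged.
audit_listeners 100.101.102.103 "$SAMPLE_SS" 1111 2222 ||
    echo "fix: bind OpenClaw to 100.101.102.103, not 0.0.0.0"
```

Run it from cron or a deploy hook so that a bind-address regression is caught the day it happens, not the day a scanner finds it.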
Accessing Your Instance
Once configured, you access your OpenClaw instance using its Tailscale hostname or IP from any device on your tailnet. If your server's Tailscale hostname is my-claw and MagicDNS is enabled, you would access the dashboard at http://my-claw:1111 and the API at http://my-claw:2222; without MagicDNS, use the 100.x address instead. Plain HTTP is acceptable here because every packet already travels inside the WireGuard tunnel; if you also want browser-visible TLS, tailscale serve can front the port with an HTTPS certificate for the node's ts.net name.
From your laptop, your phone, or any other device running Tailscale, this just works. There is no VPN client to connect and disconnect. Tailscale runs in the background, and your tailnet is always available. Accessing your OpenClaw instance feels exactly like accessing a service on your local network, because from Tailscale's perspective, it is.
Zero-Trust Networking Principles
Tailscale implements zero-trust networking, which is a security model based on a simple principle: never trust a connection based on where it comes from. Always verify who is making the request.
In a traditional network security model, you define a perimeter (a firewall) and trust everything inside it. If someone breaches the perimeter, they have access to everything. This model has been repeatedly shown to be inadequate for modern security needs.
Zero-trust flips this model:
Every connection is authenticated. When a device on your tailnet connects to your OpenClaw instance, Tailscale has already verified the device's identity. The connection is authenticated before any data is exchanged.
Access is per-device and per-user. Tailscale's access control lists (ACLs) let you define which devices and users can reach which services. You can allow your laptop and phone to access your OpenClaw instance while preventing other devices on your tailnet from connecting.
No implicit trust from network location. Being on the same physical network as your OpenClaw instance does not grant access, provided OpenClaw is bound only to its Tailscale address: a listener on the LAN interface would still be reachable by LAN peers that have never touched Tailscale. Only authenticated Tailscale devices with appropriate ACL permissions can connect.
Encrypted in transit. All traffic between your device and your OpenClaw instance is encrypted, even if you are on the same physical network. There is no assumption that any network segment is safe.
Access Control Lists
Tailscale's ACL system lets you define granular access policies. For an OpenClaw deployment, useful ACL patterns include:
Personal access. Allow only your own devices to reach your OpenClaw instance. This is the simplest and most common configuration for individual users.
Team access. If you share your OpenClaw instance with a team, you can add team members to your tailnet and grant them access. Different team members can have different levels of access -- perhaps some can reach the dashboard while others can only access the webchat.
Service-specific access. Allow certain devices to access only specific ports. A team member who only needs webchat access does not need to reach the terminal or the API management endpoints.
Time-based access. For temporary collaborators or contractors, Tailscale node keys expire (180 days by default, configurable per tailnet), a device can be removed from the tailnet at any moment, and dropping a user from the policy file cuts their access immediately, so access does not persist beyond its intended duration.
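A tailnet policy file implementing the personal, team and service-specific patterns above, as an added example; it is not OpenClaw's or Tailscale's own sample. The tag tag:openclaw, the two groups, the e-mail addresses and the webchat port 3333 are assumptions (the article names only ports 1111 and 2222). It uses the HuJSON dialect the admin console accepts, so the comments are legal:

```json
{
  // Who may assign tag:openclaw. Tag the server with
  //   tailscale up --advertise-tags=tag:openclaw
  // so the rules refer to a role rather than to one machine.
  "tagOwners": {
    "tag:openclaw": ["autogroup:admin"]
  },

  // Hypothetical users; replace with the identities on your tailnet.
  // For a single-user tailnet, put your own login in group:operators.
  "groups": {
    "group:operators": ["alice@example.com"],
    "group:chat-only": ["bob@example.com"]
  },

  // As soon as an "acls" list exists, everything not listed is denied.
  "acls": [
    // Operators: dashboard (1111), API (2222) and SSH on the server.
    {"action": "accept", "src": ["group:operators"], "dst": ["tag:openclaw:1111,2222,22"]},

    // Chat-only users: the webchat port only (3333 is an assumed port).
    // They cannot reach the terminal WebSocket or the API.
    {"action": "accept", "src": ["group:chat-only"], "dst": ["tag:openclaw:3333"]}
  ],

  // Needed only if the server will publish a webhook with Tailscale Funnel.
  "nodeAttrs": [
    {"target": ["tag:openclaw"], "attr": ["funnel"]}
  ]
}
```

Note what is absent: no rule lets arbitrary tailnet members reach the server, and no rule lets the server initiate connections to your laptop. A compromised agent that tries to pivot across the tailnet is stopped by the same policy that admits you.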
Tailscale and OpenClaw's Channel System
OpenClaw's channel integrations (WhatsApp, Telegram, webchat) still need to communicate with the external world. Messaging platform APIs need to reach OpenClaw's webhook endpoints, and OpenClaw needs to reach those platforms' APIs for outbound messages.
The Tailscale integration handles this cleanly. You can configure OpenClaw to listen on both the Tailscale interface (for management and direct access) and the public interface (for webhook endpoints that external services need to reach). Alternatively, you can use Tailscale Funnel, which publishes a port on your tailnet device to the public internet through Tailscale's infrastructure, terminating TLS with a certificate for the node's ts.net name. Funnel is switched on per port, so give the public webhook a port of its own rather than sharing one with the dashboard: whatever is served behind a funneled port is reachable by anyone on the internet.
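The split described above in commands, as an added example and not OpenClaw's own configuration: Tailscale Serve fronts the dashboard on the tailnet only, and Tailscale Funnel publishes just the webhook path on a separate public port. Assumptions: the dashboard is on local port 1111 (as in this article), the channel webhook listener is on local port 3333, the tailnet has HTTPS certificates and MagicDNS enabled, and the node carries the funnel attribute in the tailnet policy.

```bash
# Added example, not OpenClaw's own configuration. Assumed local ports:
# 1111 dashboard (from this article), 3333 channel webhook listener.

# Funnel accepts public traffic only on 443, 8443 and 10000.
validate_funnel_port() {
    case "$1" in
        443|8443|10000) return 0 ;;
        *) return 1 ;;
    esac
}

# Tailnet-only: https://<node>.<tailnet>.ts.net/ -> 127.0.0.1:1111.
# TLS is terminated by tailscaled with a certificate for the node's name;
# nothing here is reachable from the public internet.
serve_dashboard() {
    tailscale serve --bg --https=443 http://127.0.0.1:1111
}

# Public: https://<node>.<tailnet>.ts.net:<pub_port>/webhook -> 127.0.0.1:<local_port>.
# Funnel is enabled per port, so the webhook gets its own public port
# (8443) instead of sharing 443 with the dashboard; sharing would publish
# the dashboard as well.
expose_webhook() {
    pub_port="$1"; local_port="$2"
    if ! validate_funnel_port "$pub_port"; then
        echo "Funnel port must be 443, 8443 or 10000; got $pub_port" >&2
        return 1
    fi
    if [ "$pub_port" = 443 ]; then
        echo "refusing to funnel 443: the tailnet-only dashboard is served there" >&2
        return 1
    fi
    tailscale funnel --bg --https="$pub_port" --set-path /webhook "http://127.0.0.1:$local_port"
}

# Usage on the server (skipped where tailscale is not installed):
if command -v tailscale >/dev/null 2>&1; then
    serve_dashboard
    expose_webhook 8443 3333
    tailscale funnel status   # lists exactly which ports are public
fi
```

Point the messaging platform at https://my-claw.<tailnet>.ts.net:8443/webhook and keep verifying the platform's webhook signatures in OpenClaw; Funnel changes who can reach the endpoint, not whether the request is genuine.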
This gives you the best of both worlds: your management interfaces are protected behind Tailscale, while the specific endpoints that need public accessibility are exposed in a controlled manner.
Comparison with Other Remote Access Approaches
Understanding how Tailscale compares to alternatives helps appreciate what it brings to an OpenClaw deployment.
Direct Port Exposure
Opening ports on your firewall and accessing OpenClaw over the public internet is the simplest approach but the least secure. Your services are visible to every scanner on the internet. You need to rely entirely on application-level authentication, and any vulnerability in OpenClaw, its dependencies, or the web server could be exploited remotely.
Tailscale removes this exposure: your services are not reachable from the public internet, so an attacker must first obtain a device on your tailnet (or compromise Tailscale's coordination plane) before a vulnerability in OpenClaw can be reached at all. That shrinks the attack surface drastically, but it does not make the application's own bugs harmless, which is why application-level authentication still matters.
Traditional VPN (OpenVPN, WireGuard Manual)
Setting up WireGuard or OpenVPN manually provides similar security properties to Tailscale -- encrypted tunnel, no exposed services. But the operational burden is significant. You need to generate and distribute keys, configure firewall rules, set up a VPN server, handle key rotation, and troubleshoot connection issues when NAT or firewall configurations change.
Tailscale automates all of this. Public key distribution is handled by Tailscale's coordination server (private keys never leave the device), NAT traversal works automatically, and configuration is minimal. The result is the same security with a fraction of the operational effort, at the cost of trusting Tailscale's control plane to tell your devices which peers belong to your tailnet.
SSH Tunnels
SSH tunnels are a common ad-hoc solution for accessing services on remote machines. You open an SSH connection to your server and forward specific ports to your local machine. This works but has practical limitations: each service requires its own tunnel, tunnels break when the SSH connection drops, and setting up SSH forwarding on mobile devices is cumbersome.
Tailscale provides always-on connectivity without explicit tunnel management. Every service on your server is reachable without configuring individual port forwards.
Cloud Provider VPNs
Some cloud providers offer built-in VPN solutions for accessing your infrastructure. These are often locked to the provider's ecosystem, may have usage-based pricing, and typically provide less granular access control than Tailscale.
Tailscale works across any provider and any network. Whether your OpenClaw instance runs on Hetzner, AWS, a Raspberry Pi at home, or a mix of all three, the same Tailscale network connects them all.
Advanced Patterns
Beyond basic remote access, the Tailscale integration enables some advanced deployment patterns.
Multi-Instance Management
If you run multiple OpenClaw instances -- perhaps one for personal use and one for a team, or separate instances for different projects -- all of them can join the same tailnet. You can manage them all from any device on your tailnet, switching between instances as easily as switching between browser tabs.
Exit Nodes
Tailscale's exit node feature lets you route your internet traffic through a specific device on your tailnet. You can configure your OpenClaw server as an exit node (tailscale up --advertise-exit-node, with IP forwarding enabled on the server and the exit node approved in the admin console), effectively using it as a VPN endpoint for your other devices. This is useful when you want your browsing traffic to appear to come from your server's location, or when you are on an untrusted network and want everything encrypted between your device and the server. Keep in mind that the WireGuard protection ends at the exit node; traffic leaves it in whatever form it would have left your own machine.
Subnet Routing
If your OpenClaw instance needs to access other services on its local network (a database server, a NAS, a home automation hub), Tailscale's subnet routing feature can expose that entire subnet to your tailnet. The server advertises the routes (tailscale up --advertise-routes=...), an admin approves them in the admin console, and IP forwarding must be enabled on the server. Your devices can then access those services as if they were directly connected, without installing Tailscale on every device in the subnet. Every tailnet device your ACLs admit then has a path into that subnet, so advertise the narrowest routes that do the job.
The Security Posture
Combining OpenClaw with Tailscale results in a strong security posture for a self-hosted deployment:
- No public-facing ports for management interfaces
- All traffic encrypted with WireGuard
- Identity-based access control instead of IP-based rules
- No passwords or tokens to remember for network-level access (Tailscale handles authentication)
- Configuration audit logs in Tailscale's admin console, plus network flow logs on plans that include them
- Node keys that expire and are re-issued on re-authentication, WireGuard session keys that rotate automatically, and HTTPS certificates for the node's ts.net name obtained on request
This does not replace application-level security within OpenClaw itself -- you still want strong authentication on the dashboard, skill permission enforcement, and all the other security features OpenClaw provides. But it adds a robust network-level layer that prevents unauthorized parties from even reaching your instance to attempt an attack.
Getting Started
The path from an OpenClaw instance without Tailscale to one with it is short:
- Create a Tailscale account and install Tailscale on the devices you want to use for access (your laptop, phone, etc.).
- Install Tailscale on your OpenClaw server and authenticate it to your tailnet.
- Configure OpenClaw to bind to its Tailscale interface.
- Optionally, close public-facing ports that are no longer needed.
- Access your OpenClaw instance using its Tailscale hostname from any device on your tailnet.
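The five steps above as one script, added here as an example and not OpenClaw's own installer: it joins the tailnet, checks that the address Tailscale handed out is a genuine Tailscale address, and restricts the management ports (1111 and 2222, as in this article) and SSH to the tailscale0 interface with ufw. The --apply switch is an assumption; without it the script only prints the firewall rules.

```bash
# Added example, not OpenClaw's installer. Run as root on Ubuntu/Debian, and
# keep your current session open until SSH over the tailnet is confirmed:
# once applied, SSH is no longer reachable from the public internet.

# Tailscale IPv4 addresses come from the CGNAT block 100.64.0.0/10, i.e.
# 100.64.0.0 through 100.127.255.255. Anything else is not a Tailscale address.
in_tailscale_range() {
    case "$1" in 100.*.*.*) ;; *) return 1 ;; esac
    second=$(printf '%s' "$1" | cut -d. -f2)
    case "$second" in ''|*[!0-9]*) return 1 ;; esac
    [ "$second" -ge 64 ] && [ "$second" -le 127 ]
}

# firewall_rules <port>...: print the ufw commands that admit the management
# ports (and SSH) only on tailscale0, plus WireGuard's UDP port so peers can
# connect directly instead of through relays.
firewall_rules() {
    echo "ufw default deny incoming"
    echo "ufw default allow outgoing"
    echo "ufw allow 41641/udp"
    echo "ufw allow in on tailscale0 to any port 22 proto tcp"
    for p in "$@"; do
        echo "ufw allow in on tailscale0 to any port $p proto tcp"
    done
    echo "ufw --force enable"
}

join_and_harden() {
    command -v tailscale >/dev/null 2>&1 || curl -fsSL https://tailscale.com/install.sh | sh
    tailscale up                      # prints the approval URL on first run
    ts_ip=$(tailscale ip -4)
    if ! in_tailscale_range "$ts_ip"; then
        echo "unexpected address from tailscale ip -4: $ts_ip" >&2
        return 1
    fi
    firewall_rules 1111 2222 | sh -e
    echo "bind OpenClaw to $ts_ip; dashboard at http://$ts_ip:1111"
}

# Dry run by default: print the rules. Pass --apply to run them.
if [ "${1:-}" = "--apply" ]; then
    join_and_harden
else
    firewall_rules 1111 2222
fi
```

The firewall is deliberately redundant with binding OpenClaw to the Tailscale address: the bind address stops the service from listening publicly, and the firewall stops a future service (or a reverted config) from doing so either.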
The entire process typically takes less than fifteen minutes, and the result is a meaningfully more secure deployment that is just as accessible -- arguably more so -- than exposing your instance to the public internet.
Self-hosting means taking responsibility for your own infrastructure. Tailscale makes that responsibility easier to carry by handling the hardest part of remote access: making it both secure and simple.