Use this file to discover all available pages before exploring further.

Tailscale

OpenClaw can auto-configure Tailscale Serve (tailnet) or Funnel (public) for the Gateway dashboard and WebSocket port. This keeps the Gateway bound to loopback while Tailscale provides HTTPS, routing, and (for Serve) identity headers.

Modes

text
serve
: Tailnet-only Serve via
text
tailscale serve
. The gateway stays on
text
127.0.0.1
.
text
funnel
: Public HTTPS via
text
tailscale funnel
. OpenClaw requires a shared password.
text
off
: Default (no Tailscale automation).

Status and audit output use Tailscale exposure for this OpenClaw Serve/Funnel mode.

text

off

means OpenClaw is not managing Serve or Funnel; it does not mean the local Tailscale daemon is stopped or logged out.

Auth

Set

text

gateway.auth.mode

to control the handshake:

text
none
(private ingress only)
text
token
(default when
text
OPENCLAW_GATEWAY_TOKEN
is set)
text
password
(shared secret via
text
OPENCLAW_GATEWAY_PASSWORD
or config)
text
trusted-proxy
(identity-aware reverse proxy; see Trusted Proxy Auth)

When

text

tailscale.mode = "serve"

and

text

gateway.auth.allowTailscale

text

true

, Control UI/WebSocket auth can use Tailscale identity headers (

text

tailscale-user-login

) without supplying a token/password. OpenClaw verifies the identity by resolving the

text

x-forwarded-for

address via the local Tailscale daemon (

text

tailscale whois

) and matching it to the header before accepting it. OpenClaw only treats a request as Serve when it arrives from loopback with Tailscale’s

text

x-forwarded-for

text

x-forwarded-proto

, and

text

x-forwarded-host

headers. For Control UI operator sessions that include browser device identity, this verified Serve path also skips the device-pairing round trip. It does not bypass browser device identity: device-less clients are still rejected, and node-role or non-Control UI WebSocket connections still follow the normal pairing and auth checks. HTTP API endpoints (for example

text

/v1/*

text

/tools/invoke

, and

text

/api/channels/*

) do not use Tailscale identity-header auth. They still follow the gateway's normal HTTP auth mode: shared-secret auth by default, or an intentionally configured trusted-proxy / private-ingress

text

none

setup. This tokenless flow assumes the gateway host is trusted. If untrusted local code may run on the same host, disable

text

gateway.auth.allowTailscale

and require token/password auth instead. To require explicit shared-secret credentials, set

text

gateway.auth.allowTailscale: false

and use

text

gateway.auth.mode: "token"

text

"password"

Config examples

Tailnet-only (Serve)


json5
{
  gateway: {
    bind: "loopback",
    tailscale: { mode: "serve" },
  },
}

Open:

text

https://<magicdns>/

(or your configured

text

gateway.controlUi.basePath

)

Tailnet-only (bind to Tailnet IP)

Use this when you want the Gateway to listen directly on the Tailnet IP (no Serve/Funnel).


json5
{
  gateway: {
    bind: "tailnet",
    auth: { mode: "token", token: "your-token" },
  },
}

Connect from another Tailnet device:

Control UI:
text
http://<tailscale-ip>:18789/
WebSocket:
text
ws://<tailscale-ip>:18789

note

Loopback (`http://127.0.0.1:18789`) will **not** work in this mode.

Public internet (Funnel + shared password)


json5
{
  gateway: {
    bind: "loopback",
    tailscale: { mode: "funnel" },
    auth: { mode: "password", password: "replace-me" },
  },
}

Prefer

text

OPENCLAW_GATEWAY_PASSWORD

over committing a password to disk.

CLI examples


bash
openclaw gateway --tailscale serve
openclaw gateway --tailscale funnel --auth password

Notes

Tailscale Serve/Funnel requires the
text
tailscale
CLI to be installed and logged in.
text
tailscale.mode: "funnel"
refuses to start unless auth mode is
text
password
to avoid public exposure.
Set
text
gateway.tailscale.resetOnExit
if you want OpenClaw to undo
text
tailscale serve
or
text
tailscale funnel
configuration on shutdown.
text
gateway.bind: "tailnet"
is a direct Tailnet bind (no HTTPS, no Serve/Funnel).
text
gateway.bind: "auto"
prefers loopback; use
text
tailnet
if you want Tailnet-only.
Serve/Funnel only expose the Gateway control UI + WS. Nodes connect over the same Gateway WS endpoint, so Serve can work for node access.

Browser control (remote Gateway + local browser)

If you run the Gateway on one machine but want to drive a browser on another machine, run a node host on the browser machine and keep both on the same tailnet. The Gateway will proxy browser actions to the node; no separate control server or Serve URL needed.

Avoid Funnel for browser control; treat node pairing like operator access.

Tailscale prerequisites + limits

Serve requires HTTPS enabled for your tailnet; the CLI prompts if it is missing.
Serve injects Tailscale identity headers; Funnel does not.
Funnel requires Tailscale v1.38.3+, MagicDNS, HTTPS enabled, and a funnel node attribute.
Funnel only supports ports
text
443
,
text
8443
, and
text
10000
over TLS.
Funnel on macOS requires the open-source Tailscale app variant.

Learn more

Tailscale Serve overview: https://tailscale.com/kb/1312/serve
text
tailscale serve
command: https://tailscale.com/kb/1242/tailscale-serve
Tailscale Funnel overview: https://tailscale.com/kb/1223/tailscale-funnel
text
tailscale funnel
command: https://tailscale.com/kb/1311/tailscale-funnel

OpenClaw Docs

Tailscale

Modes

Auth

Config examples

Tailnet-only (Serve)

Tailnet-only (bind to Tailnet IP)

note

Public internet (Funnel + shared password)

CLI examples

Notes

Browser control (remote Gateway + local browser)

Tailscale prerequisites + limits

Learn more

Related