Secure Access.
Redefined.
Forget port forwarding. Forget open VPN ports. Twingate replaces outdated VPNs with a modern identity-first approach, making your Home Lab invisible to the internet while keeping it accessible to you.
Evolution of Access
Traditional VPN / Port Forwarding
- close Requires opening Port 443/1194 on router
- close Visible to public scanners (Shodan, bots)
- close Connects the user to the *entire* network
- close Slows down all internet traffic (No split tunnel)
Zero Trust (Twingate)
- check No open ports (Inbound ports closed)
- check Invisible to the public internet
- check Grant access only to specific services (App level)
- check Split Tunneling: Only HomeLab traffic goes via VPN
How it Works
The magic lies in the "Connector". It sits inside your network and establishes an outbound connection to the Twingate Controller. No inbound request ever touches your router.
Client
Laptop / Phone
Controller
Twingate Cloud
Home Network
Starlink & 5G Users (CGNAT)
Standard VPNs usually fail if your ISP doesn't provide a Public IP (common with Starlink or Mobile Data). Because Twingate connects outbound from your home to the relay, it punches through CGNAT effortlessly. No Static IP required.
download Installation (Docker)
Generate Tokens
Go to twingate.com, create a free account. Add a "Remote Network", then add a "Connector". You will get tokens required below.
docker-compose.yml
Define Resources
In the Twingate dashboard, add "Resources".
Example: To access Home Assistant, add a resource with the local IP 192.168.1.10.
You can now access that IP securely from your phone/laptop while connected to Twingate, even when 5,000 miles away.