Hi Chris, Many thanks for sharing. I am happily using tailscale. Integration with home assistant seems much easier to me. I can advise that solution if users only need external access to home assistant.
Great tutorial. Maybe this the solution for my SIP Clients to make calls over the Internet to our local PBX installed in our Office LAN. We have a bunch of SIP Client extensions in our LAN and I've been trying to setup port-forward for our remote branch offices to call our local extensions. I've not able to it setup with port-forward on my pfsense firewall.
You didn't overcomplicate it IMHO. I really like what I see so far. A little more research before I decide whether to set it up. EDIT: Not sure if you did Cloudflare Tunnel but that would be a good way to round out this "series"?
Thanks for the feedback. I can get "wordy" sometimes! I have not done anything with the Cloudflare stuff other than my original video a few weeks ago. I do have it listed on my idea page though.
@@mostlychris Cloudflare Tunnel looks great for HA since it doesn't require an extra application running on the end users device with the one caveat it requires a domain. I already hear grumbling in the comments. 🤣 Another possible idea would be a comparison of some of the options. I've seen a few questions over "Why this way".
I just looked up Tailscale. That's a VPN. From what I see the big difference is Twingate has the ability to restrict what resources the client has access to by user group. You could restrict access to specific ports and IP addresses in the network. For instance you may want to access the whole network as an admin but only give access to HomeAssistant or Plex to other users. Unless I missed something every device you log into Tailscale has access to ever other device you log in just like they are on the same network.
Tailscale is a VPN solution, albeit a zero config vpn. Twingate is a resource access option that allows you to make very specific resource ACLs for stuff inside a remote network.
Hi I am completely new to HA and not too technically minded. I watched so many tutorials to help me get setup. I have to say I love your videos, they are so easy to follow and you always explain everything so clearly. I am running ha as x86 image on a laptop so I don't think I can run twingate on this. The only other always on device at home is an android tablet. Is it possible to setup twingate on android or what would you recommend as the easiest remote access solution in this situation? I don't really want to go the paid nabu casa route yet as I am just starting and don't actually have that much use for it. Thanks
I have a video coming out very soon (as of this comment) that has my top 5 connection options for Home Assistant. Give that a watch (subscribe so you get notified).
Anything can happen. Company reputations are built on trust so if Twingate does something to lose consumer trust, it'll be reflected in their business. Also, each person has to make choices based on their personal comfort level with security.
That's a good question. I suspect all the encryption is handled by client app on the device. It's likely agnostic as to whether it passes http or https the same as a VPN. The big question would be whether it gets decrypted in the Twingate servers. You could probably just use https on top of this solution.
you are connecting via home network so https not necessary required. The connection between twingate on the other hand is secure since its require token. So that should be the explanations. BTW why not use nabucasa instead? much easier hahahahahaha
Twingate creates a TLS tunnel between the client device and the remote network so even if your HA is not SSL encrypted, the traffic is flowing over an encrypted layer between your client and the remote network.
Depends. Whatever you use, you need to research it. Twingate has a white paper on their security posture so one can have an understanding of any risks that might be associated with the platform.
![Alternative to VPN use Twingate: Best Way to Remote Into Your Network [step-by-step]](/img/n.gif)
Wow!! Great video. Thank you sir.
Hi Chris, Many thanks for sharing. I am happily using tailscale. Integration with home assistant seems much easier to me. I can advise that solution if users only need external access to home assistant.
Tailscale is good as a VPN solution. Twingate is good for securing individual resources. I use them both.
can't wait to see you do the cloudflared alternative :)
Lots of requests for that. I'll get on it.
Great tutorial. Maybe this the solution for my SIP Clients to make calls over the Internet to our local PBX installed in our Office LAN. We have a bunch of SIP Client extensions in our LAN and I've been trying to setup port-forward for our remote branch offices to call our local extensions. I've not able to it setup with port-forward on my pfsense firewall.
You didn't overcomplicate it IMHO. I really like what I see so far. A little more research before I decide whether to set it up.
EDIT: Not sure if you did Cloudflare Tunnel but that would be a good way to round out this "series"?
Thanks for the feedback. I can get "wordy" sometimes! I have not done anything with the Cloudflare stuff other than my original video a few weeks ago. I do have it listed on my idea page though.
@@mostlychris Cloudflare Tunnel looks great for HA since it doesn't require an extra application running on the end users device with the one caveat it requires a domain. I already hear grumbling in the comments. 🤣 Another possible idea would be a comparison of some of the options. I've seen a few questions over "Why this way".
Good points. Maybe everyone should just register a domain just in case they want to do something with it in the future 😉
Has Twingates service been security audited?
Hi there, we have SOC2 and you can access our security white paper here lp.twingate.com/hubfs/White%20Papers/Twingate-Security-Whitepaper.pdf
Thanks for the question fedamn76 and thanks Twingate for the answer!
What’s the difference between this and Tailscale? Tailscale seems much easier to set up. Curious why choose this over the other?
I’m thinking the same. It even seems very similar
I'm now looking at Cloudflare Tunnel. It's also very similar.
I just looked up Tailscale. That's a VPN. From what I see the big difference is Twingate has the ability to restrict what resources the client has access to by user group. You could restrict access to specific ports and IP addresses in the network. For instance you may want to access the whole network as an admin but only give access to HomeAssistant or Plex to other users. Unless I missed something every device you log into Tailscale has access to ever other device you log in just like they are on the same network.
@@jmr I see! This is a great information. That makes sense and I do see the value of specific ip certain access. That's quite cool for sure.
Tailscale is a VPN solution, albeit a zero config vpn. Twingate is a resource access option that allows you to make very specific resource ACLs for stuff inside a remote network.
Hi
I am completely new to HA and not too technically minded. I watched so many tutorials to help me get setup. I have to say I love your videos, they are so easy to follow and you always explain everything so clearly.
I am running ha as x86 image on a laptop so I don't think I can run twingate on this. The only other always on device at home is an android tablet. Is it possible to setup twingate on android or what would you recommend as the easiest remote access solution in this situation? I don't really want to go the paid nabu casa route yet as I am just starting and don't actually have that much use for it.
Thanks
I have a video coming out very soon (as of this comment) that has my top 5 connection options for Home Assistant. Give that a watch (subscribe so you get notified).
Hi. Do you still use this yourself?
What stops Twingate itself from being the Man in the Middle attacker?
Anything can happen. Company reputations are built on trust so if Twingate does something to lose consumer trust, it'll be reflected in their business. Also, each person has to make choices based on their personal comfort level with security.
no https if you open homeassistant true twingate? is it not insecure?
That's a good question. I suspect all the encryption is handled by client app on the device. It's likely agnostic as to whether it passes http or https the same as a VPN. The big question would be whether it gets decrypted in the Twingate servers. You could probably just use https on top of this solution.
you are connecting via home network so https not necessary required. The connection between twingate on the other hand is secure since its require token. So that should be the explanations. BTW why not use nabucasa instead? much easier hahahahahaha
Twingate creates a TLS tunnel between the client device and the remote network so even if your HA is not SSL encrypted, the traffic is flowing over an encrypted layer between your client and the remote network.
@@mostlychris Thank you.
shouldnt zero trust security solutions be self hosted
Depends. Whatever you use, you need to research it. Twingate has a white paper on their security posture so one can have an understanding of any risks that might be associated with the platform.
disadvantage is slow !!!!
Slow how? I was fast in the testing I did.