How to access Home Assistant and your internal network with Twingate. No port forwarding needed!

Lots of requests for that. I'll get on it.

Tailscale is good as a VPN solution. Twingate is good for securing individual resources. I use them both.

I have a video coming out very soon (as of this comment) that has my top 5 connection options for Home Assistant. Give that a watch (subscribe so you get notified).

Thanks for the feedback. I can get "wordy" sometimes! I have not done anything with the Cloudflare stuff other than my original video a few weeks ago. I do have it listed on my idea page though.

@@mostlychris Cloudflare Tunnel looks great for HA since it doesn't require an extra application running on the end users device with the one caveat it requires a domain. I already hear grumbling in the comments. 🤣 Another possible idea would be a comparison of some of the options. I've seen a few questions over "Why this way".

Good points. Maybe everyone should just register a domain just in case they want to do something with it in the future 😉

Hi there, we have SOC2 and you can access our security white paper here lp.twingate.com/hubfs/White%20Papers/Twingate-Security-Whitepaper.pdf

Thanks for the question fedamn76 and thanks Twingate for the answer!

That's a good question. I suspect all the encryption is handled by client app on the device. It's likely agnostic as to whether it passes http or https the same as a VPN. The big question would be whether it gets decrypted in the Twingate servers. You could probably just use https on top of this solution.

you are connecting via home network so https not necessary required. The connection between twingate on the other hand is secure since its require token. So that should be the explanations. BTW why not use nabucasa instead? much easier hahahahahaha

Twingate creates a TLS tunnel between the client device and the remote network so even if your HA is not SSL encrypted, the traffic is flowing over an encrypted layer between your client and the remote network.

@@mostlychris Thank you.

I’m thinking the same. It even seems very similar

I'm now looking at Cloudflare Tunnel. It's also very similar.

I just looked up Tailscale. That's a VPN. From what I see the big difference is Twingate has the ability to restrict what resources the client has access to by user group. You could restrict access to specific ports and IP addresses in the network. For instance you may want to access the whole network as an admin but only give access to HomeAssistant or Plex to other users. Unless I missed something every device you log into Tailscale has access to ever other device you log in just like they are on the same network.

@@jmr I see! This is a great information. That makes sense and I do see the value of specific ip certain access. That's quite cool for sure.

Tailscale is a VPN solution, albeit a zero config vpn. Twingate is a resource access option that allows you to make very specific resource ACLs for stuff inside a remote network.

Anything can happen. Company reputations are built on trust so if Twingate does something to lose consumer trust, it'll be reflected in their business. Also, each person has to make choices based on their personal comfort level with security.

Depends. Whatever you use, you need to research it. Twingate has a white paper on their security posture so one can have an understanding of any risks that might be associated with the platform.

Slow how? I was fast in the testing I did.