I don't get any of it. What's that "tunnel cable" you plugged at the beginning, and unplugged at the end of the video? Can we connect our phone with our DVR from outside of our network after running twingate on a PC/Mac and docker on Raspberry? We can't install any program to the DVR. If we kill twingate on the Mac, then our phone won't be able to connect to the DVR? So we have to have a raspberry, and a computer running twingate 24/7?
Thanks for the tutorial. Quick question, do I need to do anything if the raspberry pi reboots? Or after I rebooted the Pi Twingate is showing the connector as offline
This sounds like a relay system and that brings up worries about 3rd party access. And I believe that QNAP's remote access relay password system was hacked creating no end of problems for its NAS owners. Can you give a bit of detail regarding the differences and how secure the Twingate system is ?
So this comes down into a difference setup. QNAPs issue was that their relay server allowed access to anyone to the NAS (at least the portal) from a web browser. that meant all there had to be was a flaw within Qnap hero and everything was compromised. with Twingate the system is based on zero trust, were everything has to authenticate each other to use a service. To get into a connector you have to be authenticated with your keys. Now could may account get hacked and someone create new keys? Technically always possible. But should that occur and twingate is somehow 100% compromised, you now have just gotten access to the QNAP login portal, you still have to authenticate to the application. Essentially with Twingate you are extending your network out to trusted clients. So if a hacker somehow broke through all of twingates security, they would have the same level of access as someone who broke into your wifi network, yes its bad, but they now need to find security vulnerabilities in the rest of your network to go anywhere
I have the same concerns, really I want to control all nodes. I got my own Low end VPS, that I'd like to use as my coordinator, to get access to my Raspberry PI behind a NAT. How do I do it? TURN/STUN ?
@@SeanMcA-mi3vl FWIW, I found Tailscale VPN and couldn't be happier. Super easy to setup and it's free for home use. I don't pretend to understand the magic of how it connects but it doesn't use a relay like QNAP or Synology.
Great video once again. Love your videos! Maybe a stupid question but using this setup, could I backup my Synology NAS (hyper backup) to an external hard drive plugged into my Pie on a remote location (providing it has an internet connection). If I misunderstood, could you maybe make a video on how to backup your synology nas to a remote location without having to buy an extra synology unit?
Glad you like them! So for this you have 2 options: 1) do this all on command line just like how I did it in the video on the container will pop up in portioner. 2) add each of the environmental variables listed out as different options
@@SpaceRexWill My ISP is not letting me to port forward and I want to turn my raspberry pi into a VPN server, I followed your tutorial on setting up a VPN server using wire guard. Is there any possibility for me to setup a vpn server without port forwarding ?
I’m in the same boat. I just switched to T-Mobile 5G as my ISP, but it killed my PiVPN because they don’t allow port forwarding. I also can’t view my self-hosted IP security camera for the same reason. My temporary workaround is using NordVPN’s new Meshnet feature. It let’s me route traffic through my local Raspberry PI, but the remote device must also have NordVPN installed in order to work. It can be set to route traffic through your home internet IP address without connecting to Nord’s VPN servers.
Very different the Nginx. Nginx is only for web traffic and does not have an authentication setup. This is setup to only allow your authed devices to connect to these devices, and it maps where they should be
This sir is pure GENIUS!!! - sitting behind a T_Mobile 5G Home router with no ability to open ports. Simple Clear, Works like a charm!!
I am also behind T Mobile 5G. Have you tried this? Any idea how they secure the access? I could see they want us to run their app within our network.
I'm trying to get pivpn to work with a tmobile router that wont let you open ports. Will this wrok?
Will this work when you are behind a CGNAT like T-mobal Home G5?
Yes - just set it up - works great
I don't get any of it. What's that "tunnel cable" you plugged at the beginning, and unplugged at the end of the video? Can we connect our phone with our DVR from outside of our network after running twingate on a PC/Mac and docker on Raspberry? We can't install any program to the DVR. If we kill twingate on the Mac, then our phone won't be able to connect to the DVR? So we have to have a raspberry, and a computer running twingate 24/7?
So pie has what os installed ? ubuntu ? Raspbian ? does it matter as long as its linux ?
Thanks for the tutorial. Quick question, do I need to do anything if the raspberry pi reboots? Or after I rebooted the Pi Twingate is showing the connector as offline
This sounds like a relay system and that brings up worries about 3rd party access. And I believe that QNAP's remote access relay password system was hacked creating no end of problems for its NAS owners. Can you give a bit of detail regarding the differences and how secure the Twingate system is ?
Their entire security whitepaper is on their website
So this comes down into a difference setup. QNAPs issue was that their relay server allowed access to anyone to the NAS (at least the portal) from a web browser. that meant all there had to be was a flaw within Qnap hero and everything was compromised.
with Twingate the system is based on zero trust, were everything has to authenticate each other to use a service. To get into a connector you have to be authenticated with your keys. Now could may account get hacked and someone create new keys? Technically always possible. But should that occur and twingate is somehow 100% compromised, you now have just gotten access to the QNAP login portal, you still have to authenticate to the application.
Essentially with Twingate you are extending your network out to trusted clients. So if a hacker somehow broke through all of twingates security, they would have the same level of access as someone who broke into your wifi network, yes its bad, but they now need to find security vulnerabilities in the rest of your network to go anywhere
I have the same concerns, really I want to control all nodes. I got my own Low end VPS, that I'd like to use as my coordinator, to get access to my Raspberry PI behind a NAT. How do I do it? TURN/STUN ?
@@SeanMcA-mi3vl FWIW, I found Tailscale VPN and couldn't be happier. Super easy to setup and it's free for home use. I don't pretend to understand the magic of how it connects but it doesn't use a relay like QNAP or Synology.
Great video once again. Love your videos!
Maybe a stupid question but using this setup, could I backup my Synology NAS (hyper backup) to an external hard drive plugged into my Pie on a remote location (providing it has an internet connection). If I misunderstood, could you maybe make a video on how to backup your synology nas to a remote location without having to buy an extra synology unit?
So sorry just found your video explain exactly that! You are a star! Thanks 🙏
wondering if i can use this for tvheadend, for streaming.
can it be done wirelessly ?
After everything all set up, is it doing direct connection or is it going through Twingate servers
Great video! This thing works great!!
Doesn't work.... Tried to register myself but it says Something went wrong, reload page.
Hey, love your vids man
Glad you like them! So for this you have 2 options: 1) do this all on command line just like how I did it in the video on the container will pop up in portioner. 2) add each of the environmental variables listed out as different options
Which mic do you use?
Its an Oktava MK-012-01. A audio guy I listen to recommended it
As an audio guy (and an it guy, and a community support guy) I second his recommendation. :)
This seems cool. I use zerotier.
Yeah this is similar to zerotier, but instead it just uses the native IP's of all the devices
Can i turn my raspberry pi into a VPN Server, without port forwarding just by using twingate ?
At this point its not really a VPN server, but more of a VPN client. Depends what you need it for
@@SpaceRexWill My ISP is not letting me to port forward and I want to turn my raspberry pi into a VPN server, I followed your tutorial on setting up a VPN server using wire guard. Is there any possibility for me to setup a vpn server without port forwarding ?
@@pavandinesh I have this same issue
@@jjpecoraro6074 I couldn’t find any way to get around the port forwarding. Let me know if you find a way.
I’m in the same boat. I just switched to T-Mobile 5G as my ISP, but it killed my PiVPN because they don’t allow port forwarding. I also can’t view my self-hosted IP security camera for the same reason. My temporary workaround is using NordVPN’s new Meshnet feature. It let’s me route traffic through my local Raspberry PI, but the remote device must also have NordVPN installed in order to work. It can be set to route traffic through your home internet IP address without connecting to Nord’s VPN servers.
Did I see that Twingate misuses "On Premise" instead of "On Premises"? :(
That's disappointing.
port forwarding...
?
Interesting
🅿🆁🅾🅼🅾🆂🅼 😎
So basically this is like
Ctrl+C "Nginx"
Ctrl+V
Very different the Nginx.
Nginx is only for web traffic and does not have an authentication setup. This is setup to only allow your authed devices to connect to these devices, and it maps where they should be
your voice is kinda funny, nice video though