Menu
What's new
By:
Filters Better Search

Let's talk about Twingate

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

BreakingDad

BreakingDad

Very Senior Member
www.twingate.com

Twingate: It's time to ditch your VPN

Twingate makes Zero Trust Network Access easy to deploy, even easier to use, and always secure.
www.twingate.com www.twingate.com

Would it be possible to run this on the router? apparently it can run on a pi? Would it work as an AMTM addon? looks like a tiny install.


Is it safe regarding Twingate being in control of the controller? Trusted by some small businesses, Safe for home use?

Comment from Chuck :

"watch the rest of the vid, look at how they handle authentication. Twingate REQUIRES third-party auth (google, github...etc) for you to connect to a resource. It's not self-hosted, but it's also not as "managed'" as you might think."

A lot of comments on the video about this.

Would it negate the potential "restrict act" more comments on this.

www.politifact.com

Claims mislead on federal RESTRICT Act’s scope and aim

As Congress contemplates a potential ban on the popular social media app TikTok, some Americans are already considering
www.politifact.com www.politifact.com

Also an interesting alternative to zerotier with ztncui.

Interesting stuff regardless, consume with Coffee of course :)

Best Comment:

Devon Crain

2 weeks ago
The pieces of this I did understand were so cool to me that I feel inspired to really dive in and learn substantially about networking. Thanks for all you do!
 
Last edited:
BreakingDad said:
www.twingate.com

Twingate: It's time to ditch your VPN

Twingate makes Zero Trust Network Access easy to deploy, even easier to use, and always secure.
www.twingate.com www.twingate.com

Would it be possible to run this on the router? apparently it can run on a pi?

Click to expand...
Probably a lot easier, and less of a headache to run it in a docker container... Spin up a local vm with Ubuntu on it, and profit.
 
Looks like nothing I would allow on any networks I manage.
 
BreakingDad said:
www.twingate.com

Twingate: It's time to ditch your VPN

Twingate makes Zero Trust Network Access easy to deploy, even easier to use, and always secure.
www.twingate.com www.twingate.com

Would it be possible to run this on the router? apparently it can run on a pi? Would it work as an AMTM addon? looks like a tiny install.


Is it safe regarding Twingate being in control of the controller? Trusted by some small businesses, Safe for home use?

Comment from Chuck :

"watch the rest of the vid, look at how they handle authentication. Twingate REQUIRES third-party auth (google, github...etc) for you to connect to a resource. It's not self-hosted, but it's also not as "managed'" as you might think."

A lot of comments on the video about this.

Would it negate the potential "restrict act" more comments on this.

www.politifact.com

Claims mislead on federal RESTRICT Act’s scope and aim

As Congress contemplates a potential ban on the popular social media app TikTok, some Americans are already considering
www.politifact.com www.politifact.com

Also an interesting alternative to zerotier with ztncui.

Interesting stuff regardless, consume with Coffee of course :)

Best Comment:

Devon Crain

2 weeks ago
The pieces of this I did understand were so cool to me that I feel inspired to really dive in and learn substantially about networking. Thanks for all you do!
Click to expand...
So I watched the video... and think it's pretty dang cool, actually. It works very much like TeamViewer works... you have clients and resources that log into a relay that's controlled by TeamViewer, and facilitates that point-to-point connection. While TV is strictly used for screensharing, this one goes well beyond that, and provides access to resources on the local network... I am going to do a little more research on the Twingate company/product itself to determine the level of access they have to the "stream"... but it sounds fairly secure.

Yeah, I also saw that federal act that would supposedly restrict VPNs... I don't see how they could do that, or enforce that when the vast majority of businesses rely on these to provide access to their remote employees to get into their secure networks. It's going to be very difficult to take this away and fine people for using one. And for godsakes... why would anyone want to specifically go through the trouble to setup a VPN just to access Tiktok... Oh wait, maybe it's like those people who are are using VPN to get to Netflix... lol

This has some more good detail on what to expect...

Twingate Review 2024 - Is it Safer for Businesses than a VPN?

Twingate claims to be safer for businesses and a solid solution to replace network level access through VPNs, but is it that much better? I've tested it to find out.
www.vpnmentor.com www.vpnmentor.com

Notes:

Twingate does collect some of your information. Mostly this is standard information needed to set up your account, or for diagnostic purposes. Some of it is voluntary but the ways that Twingate might use it is spelled out clearly in the privacy policy.

Considering Twingate’s many integrations, it’s important to mention that it will also receive information from the 3rd party apps you may be using with it. However, it can’t read data that’s not routed through it. This means that it won’t log any of your usual personal traffic, such as video calls and instant messages.

However, it is based in the US which is a member of the 5 Eyes Alliance. Although Twingate says it will fight any demands for your data, this does mean that your data could potentially be claimed by any member countries.

You might miss certain features associated with standard business VPNs, like a kill-switch to ensure that everything goes through an encrypted tunnel without exception.

I contacted Twingate to confirm the type of encryption used. While data is being transferred, it is secured via SSL/TLS. When the data is at rest, it is protected by Google cloud services featuring AES-256 encryption, with symmetric keys. Data keys are encrypted using a regularly changed master key, stored in a secure keystore.
 
Last edited:
Viktor Jaep said:
So I watched the video... and think it's pretty dang cool, actually. It works very much like TeamViewer works... you have clients and resources that log into a relay that's controlled by TeamViewer, and facilitates that point-to-point connection. While TV is strictly used for screensharing, this one goes well beyond that, and provides access to resources on the local network... I am going to do a little more research on the Twingate company/product itself to determine the level of access they have to the "stream"... but it sounds fairly secure.

Yeah, I also saw that federal act that would supposedly restrict VPNs... I don't see how they could do that, or enforce that when the vast majority of businesses rely on these to provide access to their remote employees to get into their secure networks. It's going to be very difficult to take this away and fine people for using one. And for godsakes... why would anyone want to specifically go through the trouble to setup a VPN just to access Tiktok... Oh wait, maybe it's like those people who are are using VPN to get to Netflix... lol

This has some more good detail on what to expect...

Twingate Review 2024 - Is it Safer for Businesses than a VPN?

Twingate claims to be safer for businesses and a solid solution to replace network level access through VPNs, but is it that much better? I've tested it to find out.
www.vpnmentor.com www.vpnmentor.com

Notes:

Twingate does collect some of your information. Mostly this is standard information needed to set up your account, or for diagnostic purposes. Some of it is voluntary but the ways that Twingate might use it is spelled out clearly in the privacy policy.

Considering Twingate’s many integrations, it’s important to mention that it will also receive information from the 3rd party apps you may be using with it. However, it can’t read data that’s not routed through it. This means that it won’t log any of your usual personal traffic, such as video calls and instant messages.

However, it is based in the US which is a member of the 5 Eyes Alliance. Although Twingate says it will fight any demands for your data, this does mean that your data could potentially be claimed by any member countries.

You might miss certain features associated with standard business VPNs, like a kill-switch to ensure that everything goes through an encrypted tunnel without exception.

I contacted Twingate to confirm the type of encryption used. While data is being transferred, it is secured via SSL/TLS. When the data is at rest, it is protected by Google cloud services featuring AES-256 encryption, with symmetric keys. Data keys are encrypted using a regularly changed master key, stored in a secure keystore.
Click to expand...

Wow, thanks for the indepth reply, the research and the further reading - appreciated. I also thought it looked very cool, which is why I wanted to discuss it further with the snb community. Anything that runs well on a pi (adguard for example) I get excited by, also with the potential to have more plugins on the router. All that is required I believe is a simple connector you deploy onto your linux box, pi, nas, windows box etc etc The rest you setup through your twingate account. Can probably be done without even a plugin.

I might play around with it for fun on the spare pi I have at some point. when I have some free time. It also works with exisiting VPN setups. Also interesting that you don't need to expose your network publicly as it connects through "connectors" (proxies)

I wonder if anyone here has already tried twingate, and what their experience with it is?
 
'Protected by Google Cloud services' was enough for me to ban it more from anything I use personally.

Google has never protected anything but itself.
 
Viktor Jaep said:
However, it is based in the US which is a member of the 5 Eyes Alliance. Although Twingate says it will fight any demands for your data, this does mean that your data could potentially be claimed by any member countries.
Click to expand...
Uhhh, last I checked, it's up to 14 or 20 Eyes countries sharing information now. It really IS the Matrix and what Edward Snowden warned us about.
so WireGuard on a router under your control (or something like this) isn't so far fetched.
Here in Canada we have a new law, and another bill on the books to back it up, that could be described as fascist from the perspective that open exchange of information/opinion/discourse is being monitored and censored and banned when it isn't "approved" or within the definitions of the new law. It might be said by some that "they" are closing down channels.
but I also see that people are eschewing smartphones for basic mobiles that are non-smart to eliminate the noise/distractions of the media from their lives so that they can focus on efficient and meaningful communication...increasing their personal signal to noise ratio. That's something I'm all for.
Building your own stone walls and moat around what you consider important is taking it a step further, something I've recently become VERY mindful of and can't fault ANYONE for.
So, conclusion - these are good things, non-corporate VPNs, privacy, security, etc.
But we can't take things to the extreme that we're so well bubbled off that we're insular and isolated and out of touch with the greater world as a whole. Humans are social and interactive...or we would've died out long ago.
 
heysoundude said:
Uhhh, last I checked, it's up to 14 or 20 Eyes countries sharing information now. It really IS the Matrix and what Edward Snowden warned us about.
Click to expand...
So there's 5, 9 and 14 according to that article... https://www.vpnmentor.com/blog/understanding-five-eyes-concept/

heysoundude said:
Here in Canada we have a new law, and another bill on the books to back it up, that could be described as fascist from the perspective that open exchange of information/opinion/discourse is being monitored and censored and banned when it isn't "approved" or within the definitions of the new law. It might be said by some that "they" are closing down channels.
but I also see that people are eschewing smartphones for basic mobiles that are non-smart to eliminate the noise/distractions of the media from their lives so that they can focus on efficient and meaningful communication...increasing their personal signal to noise ratio. That's something I'm all for.
Building your own stone walls and moat around what you consider important is taking it a step further, something I've recently become VERY mindful of and can't fault ANYONE for.
So, conclusion - these are good things, non-corporate VPNs, privacy, security, etc.
But we can't take things to the extreme that we're so well bubbled off that we're insular and isolated and out of touch with the greater world as a whole. Humans are social and interactive...or we would've died out long ago.
Click to expand...
I can see the benefits and drawbacks... you have just as many criminals/terrorists using this same technology that we security-minded technologists like to use... how you separate the wheat from the chaff, right? It's in a nation's best interest to keep its citizens safe, while not crossing the line and infringing on people's right to privacy.
 
I would force all VPN providers to comply to local regulations when their servers are located inside the country. Otherwise they are in fact illegal and doing business based on mostly scare tactics. Whoever wants to connect directly to Panama or Papua New Guinea - feel free to do so. In Canada in particular activity logging is mandatory for all ISPs. I don't mind if someone is watching because in another thread here we are discussing NUC options, but someone else somewhere else may be discussing NUKE options. Scaled down to a company - you do what the company policy says and what you agreed to. If you don't want to - go work somewhere else. Democracy is like spice. Too much of it spoils the food.
 
Tech9 said:
I would force all VPN providers to comply to local regulations when their servers are located inside the country. Otherwise they are in fact illegal and doing business based on mostly scare tactics. Whoever wants to connect directly to Panama or Papua New Guinea - feel free to do so. In Canada in particular activity logging is mandatory for all ISPs. I don't mind if someone is watching because in another thread here we are discussing NUC options, but someone else somewhere else may be discussing NUKE options. Scaled down to a company - you do what the company policy says and what you agreed to. If you don't want to - go work somewhere else. Democracy is like spice. Too much of it spoils the food.
Click to expand...
OK thanks for your legislative input, Senator @Tech9! :p Thanks for being part of the 5 Eyes Consortium!
 
Last edited:
I have joined the eyes about 2 years ago. Mandalorians tracking department.

www.snbforums.com

Just to say hello.

Hello everyone, I registered today on this forum because I've been following it for a few years (when I had the AC87U) and now I have some questions about the AX88U router's settings (after using it for a year and a half). :cool:
www.snbforums.com www.snbforums.com

:D
 
Tech9 said:
I have joined the eyes about 2 years ago. Mandalorians tracking department.

www.snbforums.com

Just to say hello.

Hello everyone, I registered today on this forum because I've been following it for a few years (when I had the AC87U) and now I have some questions about the AX88U router's settings (after using it for a year and a half). :cool:
www.snbforums.com www.snbforums.com

:D
Click to expand...
This is the way...
 
You must log in or register to reply here.
Similar threads
Thread starter Title Forum Replies Date
JGrana genailogs - let Googles AI Analyze your log file(s) Asuswrt-Merlin AddOns 24

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,019 (members: 35, guests: 984)
Top