I have been looking at Twingate for remote access to Home Assistant

Feature Requests
#1

Hi All,

Just wanted to leave a short note to tell people about a zero trust remote access service I found that for a non coder like me was extremely easy to set up and configure. Its called Twingate …its almost the same as Tailscale and Zerotier…three things that I find amazing, its very easy to set up and takes a few mintues and secondly its Zero Trust by default…meaning you have to add all your resources that you want to access and you can restrict access by allowing only certain TCP or UDP ports (even disable ICMP). Lastly you can also restict the client side, meaning you can tell it to make sure the client is running Antivirus or that the Client has a lock screen on etc etc… all Policy based.

The best part is that it runs on almost everything… I would love to see someone add the docker install to Home Assistant Community Add-ons as I am not capable of writing a docker add on :frowning:

Twingate Addon
#2

Duplicate of Twingate Addon

#3

I encourage people to use the Nabu remote access offered by HA at $ 5/mo. It supports the HA development and $ 5/mo is affordable for all.

#4

I agree with the sentiment, but to be clear, Nabu remote does not enable you to connect multiple seperate network (I connect 3 remote networks and only one has Home Assistant), it does not allow you to set up a zero trust network, and it doent not allow you to restrict client access based on policies. What it does do really well is give you remote access to home assistant fronend.

1 Like
#5

I am surprised for people considering Twingate and alike when they are running Home Assistant.

Please stop using “zero trust” to describe this solution. You have to give 100% explicit trust to a third party on your network. You have to give explicit trust to everything their software dials into on their infrastructure. “zero trust” and this network design is as far as east is from the west.

The concept of Home Assistant use, at least for people I have seen running it, is privacy and removing third parties from the equation.

If you are unable to set up a VPN, then by all means this will work. These solutions will give you ubiquitous access, and ease of setup.

But, lot of the technical details and comparisons (specially with VPN) are just simply false, bordering intentional misleading of laypeople.

Again, your choice - convenience or security.

1 Like
#6

Closing as a duplicate, see the link in post two for the place to vote and comment.

#7