You don’t need to use their authentication step. It just makes it easy to expose services that you don’t necessarily have authentication for since it’s acting as both a tunnel and reverse proxy.
I use it to create subdomains and such, also means I don’t need to expose any ports on my home server since the only thing that’s actually exposed is the Pangolin instance on my VPS.
You can run into issues with services that require a consistent domain name since the pangolin record won’t necessarily match your local domain.
Since their authentication is just a layer on top of whatever you have, it means you can be a bit less strict with your internal auth and lean more on their layer to prevent access to login pages that may not be secure. Since all traffic routed through Pangolin will get SSL encryption, it also means you can skip SSL locally if you don’t care about people snooping traffic on your LAN.
Yeah, I just finished migrating everything, and it’s very cool. I’m going to give the clients a spin at some point. It would be cool to be able to map a network folder from my NAS even though I’m away from my home network for example.
I access most of my services via their domain address when at home anyway. Ideally, I’d have some kind of local DNS that would see those domain requests and route them locally, but I’ve never really found a practical solution to that. It feels like I’d be maintaining two reverse proxies to get that done.
To keep the DNS lookup local on your own network, you would need to maintain a separate local reverse proxy. That can be used to drive the Pangolin proxy though by just using the domain name defined in the local proxy since the newt instance is checking your local domain on the reverse side.
That way you don’t need to use IP addresses in your pangolin instance and can use domains defined by your local proxy.
You don’t need to use their authentication step. It just makes it easy to expose services that you don’t necessarily have authentication for since it’s acting as both a tunnel and reverse proxy.
I use it to create subdomains and such, also means I don’t need to expose any ports on my home server since the only thing that’s actually exposed is the Pangolin instance on my VPS.
You can run into issues with services that require a consistent domain name since the pangolin record won’t necessarily match your local domain.
Since their authentication is just a layer on top of whatever you have, it means you can be a bit less strict with your internal auth and lean more on their layer to prevent access to login pages that may not be secure. Since all traffic routed through Pangolin will get SSL encryption, it also means you can skip SSL locally if you don’t care about people snooping traffic on your LAN.
Yeah, I just finished migrating everything, and it’s very cool. I’m going to give the clients a spin at some point. It would be cool to be able to map a network folder from my NAS even though I’m away from my home network for example.
I access most of my services via their domain address when at home anyway. Ideally, I’d have some kind of local DNS that would see those domain requests and route them locally, but I’ve never really found a practical solution to that. It feels like I’d be maintaining two reverse proxies to get that done.
To keep the DNS lookup local on your own network, you would need to maintain a separate local reverse proxy. That can be used to drive the Pangolin proxy though by just using the domain name defined in the local proxy since the newt instance is checking your local domain on the reverse side.
That way you don’t need to use IP addresses in your pangolin instance and can use domains defined by your local proxy.