Archive Note: This article was originally published on LinkedIn on March 21, 2025.
Reflecting from 2026: Twingate has become a permanent fixture in my home setup. The Raspberry Pi gateway idea mentioned at the end of this article did eventually get explored when I was working on a home automation system...but that is an another story.
I don't believe in fate or things being destined to happen… and don't worry, this isn't a piece about how I was wrong. I am firmly of the notion that happy coincidences do occur and they aren't some glimpse behind the destiny curtain. One of those situations just happened but it wasn't immediately obvious to me. I'll get to that later. However, it started when I was going through my emails and noticed a job ad from a company called Twingate: "It's time to ditch your VPN". That line caught my eye. I had to see what they do.
I don't generally judge a book by its cover, but I'll be honest, a good cover definitely makes me want to open the book. This one did just that. I went to their website (https://www.twingate.com/) and started exploring to see how this differs from a VPN and why it would make me want to ditch mine. We've all used a VPN. Often for secure remote access to a work network, possibly more often for accessing geo-restricted content or masking our IPs. We all know that VPNs come with configuration headaches, monthly subscriptions, and the knowledge that within reason, no matter how much the price changes, you aren't likely to switch unless you like the idea of reconfiguring your router or all of your devices to use a new one.
Twingate promised:
- 90% reduction in deployment time - VPN setup is often a pain.
- 99.99% reliability - Most VPNs aren't bad on reliability, but there's always something.
- 86% faster performance - This one really piqued my interest; traditional VPNs have noticeable slowdowns.
Then came the clincher: "Try For Free". Not a trial that auto-charges when you forget to cancel in enough days for you to forget you need to cancel. A genuine, ongoing free plan. What if you need to upgrade? There is always something that will make you feel the need to upgrade, right? Five dollars a month. That's less than what a lot of VPN services charge. But would I actually use it? I wasn't sure. So, I tried it, the free version.
The onboarding experience is really quite impressive and shows they've put a lot of thought into the old VPN config experience and how it is part of the problem. In under a minute, I had given my email, chosen my network name, linked it to my Google account (there are options for Google, Microsoft, GitHub and LinkedIn), and I was ready to deploy. Setting up my first Resource (any private IP address, DNS name, or network subnet that you define as something you want to securely expose to authorised users) and first Connector (a lightweight service that acts as a bridge between your private resources and authorised users) took just a couple more minutes. The most time-consuming part? Deciding which setup option to use. I chose my Mac's IP address as my first Resource and chose to set up a Connector using Docker. Everything is handled via the webpage other than running the Docker command line that the website gives you in the terminal to create your Connector. After that, you're done.
So, there I was with a private network built around my local machine. But what could I actually do with it? This is where the coincidences started revealing themselves.
First Experiment: Remote Web App Testing
I wanted to check that I could get access to my new network first. I installed the Twingate app on my Android phone, made sure it was not on the wifi and was using mobile data, and connected it to my new Twingate network. It seemed to work, but I had nothing to prove this. It then occurred to me that I have a local web server running on my Mac. I have been working on a web app for a while and this has been my development environment. It is a phone app, so I have been testing it on my phone using my local network. However, this has limited me to only testing it at home. I could have taken the time to set up my web server to be accessible from outside of my local network, but this would have meant router changes like port forwarding and reconfiguring my web server. I chose not to do this and instead set up a proper web server to host it for testing. Largely because I didn't want to start hacking around with my local network and potentially make it less secure. But since I have launched my app, any testing or debugging of enhancements has been taking place on my local web server. I had just got to the point of reconsidering whether to expose it to the outside world. I wondered whether Twingate would give me access to my debugging environment via my mobile data connection on my phone. It did. No security issues introduced. No time spent faffing around with port forwarding or local web server reconfiguration. I can literally just spin up a default configured web server using Docker, throw some content on it and access it anywhere in the world via Twingate. This will be super useful to me and I may never have considered an approach like this had it not been for that job ad.
Second Experiment: File Sharing
The unexpected web server situation got me thinking of other things that I had struggled with recently. One thing that has been more of a chore than a blocker has been moving videos from my phone to my Mac. I have been producing some content about my mobile web app and recording it on my phone. However, in order to edit it I need it on my Mac. Macs and Android phones do not play all that nicely. There is a way of moving large content like this, but it involves a third party, usually Google Photos. It's a chore. It takes significantly longer than it should and litters my Google Photos with content that I need to go in and delete later. I wondered if I could expose an interface to files on my Mac so that another device on the Twingate network could download from or upload files to it. I looked around and found a suitable application called FileBrowser (https://filebrowser.org/). I found a docker-compose.yml file to configure it and had it running in Docker within about five minutes. A few minutes later I had the interface open on my phone and I was uploading a video to my Mac. I appreciate that this would have been possible prior to my discovery of Twingate. I could have just gone down this route and connected my phone while it was on my local network. The revelation here is that I can expose this to anyone who may want to send me data or to whom I may want to give data. My other half was recently talking to her parents about how to get some holiday photos sent to her. They don't have a Google account to share a photo album, and sending them via email really isn't a good solution. She told me they were planning to send the SD cards through the post...just as I had been playing around with all of this. Now that I had it set up, I gave them simple instructions to connect to my network and upload everything directly to my machine. No third parties (Google or the post office), no fuss, and done in no time at all. I've also earned myself a few brownie points with the in-laws 😉
Third Experiment: Would a Geo-Tunnel Be Possible?
We all know one big reason for social use of VPNs is to help bypass geographic restrictions. But streaming services are smart. They block known VPN IP addresses. What they won't identify to block so easily are residential IP addresses that aren't public-facing endpoints. I wondered if Twingate, combined with a Squid proxy, would let me use a friend's residential IP address. Time to test.
- On my main Mac (already a Twingate Resource), I spun up a Squid proxy using Docker.
- On my secondary Mac (tethered to my phone's mobile data, a totally separate connection) I installed Twingate and connected to my private network.
- I configured the proxy settings on my secondary Mac to point to my main Mac.
- Visited https://whatismyipaddress.com/ on both machines. The same external IP address, even though one was on a completely different network.
This proved the theory. If you have a friend in another region who is willing to run a simple Docker container and join your Twingate network as a resource, you can share their IP address securely. They can do the same with yours. No VPN blacklists. Just clean, private residential access. No shared VPN IP addresses or datacenter ranges that streaming services can easily block. Just two friends helping each other out. Hmmm, F1TV isn't available in the UK and we have the Chinese Grand Prix this weekend. I wonder if Drew is willing to give this a try?
Why This Matters
Whether it's secure file transfers, accessing private resources remotely, testing local apps from anywhere or sharing IP addresses across continents, Twingate can make it effortless. No open ports. No security risks. Just point, click, connect.
I think I've only scratched the surface. My next goal is to see if I can set up a Raspberry Pi Outbound Tunnel Gateway resource so that every device in my house can route traffic through a friend's IP in another country.
Sometimes, a happy coincidence is just that. But this one led me to a tool that has unexpectedly solved a couple of problems and is changing the way I think about secure, accessible networking. And that's worth sharing.
Source: This article was originally published on LinkedIn.
Status: Archived & Updated for rilhia.com.