Getting Started with Pangolin [YouTube Release]

Youtube Releases
1

Additional Resources:

Pangolin is a self-hosted tunneled reverse proxy server with identity and access control, designed to securely expose private resources on distributed networks.

In this video, Matt demonstrates the installation of a Pangolin server on a Digital Ocean VM, and the configuration a tunnel hosted on a local Raspberry Pi enabling access to resources hosted on his home network.

Fossorial:

Pangolin’s Github repo:

Pangolin’s docs:

Connect With Us

Lawrence Systems Shirts and Swag

►👕 Lawrence Systems

AFFILIATES & REFERRAL LINKS

Amazon Affiliate Store
:shopping_cart: Lawrence Systems's Amazon Page

UniFi Affiliate Link
:shopping_cart: Ubiquiti Store

All Of Our Affiliates help us out and can get you discounts!
:shopping_cart: Partners We Love – Lawrence Systems

Gear we use on Kit
:shopping_cart: Kit

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: Tech Supply Direct - Premium Refurbished Servers & Workstations at Unbeatable Prices

Digital Ocean Offer Code
:shopping_cart: DigitalOcean | Cloud Infrastructure for Developers

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - Launch UniFi and UISP in the Cloud

Protect your privacy with a VPN from Private Internet Access
:shopping_cart: https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS

Patreon
:money_bag: https://www.patreon.com/lawrencesystems

00:00 Intro
01:18 25 years of remote access solutions
03:03 What to expect from this video
03:55 RTFM and prerequisites
06:53 Downloading and running Pangolin’s installer
09:20 CrowdSec and Pangolin
10:42 Initial login and organization setup
12:05 Creating a site and establishing a tunnel with Newt
15:07 Setting up resources and authentication methods
20:34 Access control with users and roles
22:22 Sharable links
23:20 API keys, settings, and server admin
24:44 Accessing resources via Pangolin
29:21 Closing notes and what’s next

1 Like
2

Forgive my ignorance, but is this essentially a DMZ?

Also, not sure if planned but if you have multiple servers in different locations on the backend running services would you connect it to the VPS via tail scale or have to build out tunnels to each location?

3

One thing I’m not really sure about here. My understanding is that this install (as shown) would run on a VPS which would mean that someone else is in control of the “computer” running all keys and key exchanges. How can this be considered secure?