good morning everyone, I was wondering if it was possible with twingate to connect the devices I have on the lan in city A to the one I have on the lan in city B so that they all belong to the same “virtual lan” and can see each other.
Maybe I need to deploy a connector within each of the two lan?
@as87ita I’d take a look at the Site to site with Twingate | Docs guide and see if that helps. The overall idea is that you’re creating local gateways within each environment using as you suggested a Connector as well as one of our Service Accounts (headless Client), and then devices inside of each of these environments can be routed to access the other environment.
It’s a bit more of an advanced setup for sure but totally possible
Hello again! I’m sorry to resurrect this old thread but I couldn’t make a “site to site” connection following the guide so I thought I’d simplify the problem a bit.
I would need access to my corporate network (where I have the two twingate connectors installed) as I need to reach a DB on that network.
I would like to reach it from a service on a docker container in the cloud that needs to consume the data in the DB.
Do you have any pointers or guidance on how I can install a Twingate headless service (i created it on twingate account online) in my docker environment in the cloud to be able to query the DB?
TY!!
Hi @as87ita,
your use case is definitely achievable, as you correctly pointed out, using a Twingate Client in Headless Mode & a Service Account + Service Account key.
We recently published a full enablement course for free on our subreddit, take a look at the “Professional Track” here and especially module 1.9 on Service Accounts: it contains a review of how to leverage it and you will find a docker compose at the very end of the module that you can repurpose to deploy your own headless client in your cloud environment.
(we have not yet recorded a video version of this module but we will get it done soon. All other modules contain a deck and video!)
thank you Bren!
I just joined your subreddit but unfortunately the Enablement Course and other resources are disabled by the moderators… i can’t reach them
Thank you Bren, now i can see the enablement courses.
I think these kinds of guides are essential, I myself am not very familiar with VPN networks but Twingate allows me to have a great and easy to set up solution!
Now ,about my problem I understand that the Docker Compose that you report in the example creates a container with Ubuntu image and, on top of that Ubuntu image, installs the headless client.
I have several services running in docker containers, i think they all have a Linux Alpine under them.
Can i install the Healdess Client in one of this container without downloading a whole ubuntu image and make a container from it?
Docker Compose example
version: “1.0”
services:
tg-headless-client:
image: ubuntu:latest
privileged: true
command: >
bash -c “apt-get update
&& apt-get install curl -y
&& curl https://binaries.twingate.com/client/linux/install.sh | bash
&& sudo twingate setup --headless /etc/twingate-service-key/service-key.json
&& sudo twingate start
&& sleep infinity”
volumes:
- /path/to/service/key/:/etc/twingate-service-key/
ports: - “3128:3128”
restart: always
tg-proxy:
image: ubuntu/squid
volumes: - /path/to/squid.conf:/etc/squid/squid.conf
restart: always
network_mode: “service:tg-headless-client”
depends_on: - tg-headless-client
unfortunately, I don’t believe Alpine is supported (I think it’s missing a few things the headless client to run on it).
The following distros are supported: Ubuntu, CentOS, Fedora, Debian
ok thank you very much, that was a huge help