Routing incompatible devices through a Twingate client instance

Hi all, I am interested in using Twingate to connect some devices in a common network, however many of the devices are embedded Linux systems that aren’t directly compatible with the Twingate client. I have an Ubuntu server which I could connect with the Ubuntu Twingate client, and I was wondering if I could then enable routing on the Ubuntu server and then use that server as a means for routing these incompatible devices through the Twingate network I’m establishing.

I realize this has some implications for licensing since Twingate uses a per-client scheme; I’m not trying to circumvent that, but I’m also not trying to get Twingate to release a source code version of their client that I could attempt to cross-compile (if it would even work on the embedded device).

tl;dr: can I route multiple devices through a single Twingate client instance via NAT/routing?

Let me ask some clarifying questions:

  1. The systems are all on the same network? Same Subnet?
  2. Are you trying to get somewhere FROM these systems out or TO these systems (in)?
  3. If these systems are going out, where are they trying to go?

I think this is possible. Let’s keep at it.

The Ubuntu server and embedded device would be on the same local network together, in the same physical location. The primary use case would be for remote users running a Twingate client on, say, their laptop to connect to the Ubuntu server and embedded device. However, there are cases where the embedded device or Ubuntu server may need to reach out to a remote server also running a Twingate client instance, like for alerting purposes.

Ahhh ok. Yeah so for the first scenario you are set. You can place the connector on the Ubuntu server and give outside access in to the embedded devices.

For the other scenario you would do what you suggest. Routing. Basically turn the Ubuntu server (or another one) into a NAT. Push everything outbound from the embedded devices to that server and then run the client (service account) on that server to connect out to whichever remote device is needed.

If it is only for alerting, you might consider just having the embedded devices update the server and the remote devices check in. Not sure exactly the systems you are working with, but that is an idea.
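The NAT setup described in the reply above, sketched as an added example that is not part of the original thread or Twingate's documentation: a script that validates its inputs and emits an nftables ruleset which masquerades only the embedded subnet into the client's tunnel. The LAN interface `eth0`, the tunnel interface `sdwan0` (check yours with `ip link`), the subnet `192.168.10.0/24` and the table name `tg_gateway` are assumptions.

```shell
#!/bin/sh
# Added example: emit an nftables ruleset for the NAT gateway described above.
# Assumed names (not from the thread): eth0, sdwan0, 192.168.10.0/24.

valid_if() {   # Linux interface names: limited charset, at most 15 chars
  case $1 in ''|*[!A-Za-z0-9._-]*) return 1 ;; esac
  [ "${#1}" -le 15 ]
}

valid_cidr() { # a.b.c.d/len, octets 0-255, len 8-32 (never NAT 0.0.0.0/0)
  case $1 in */*/*|*[!0-9./]*) return 1 ;; */*) ;; *) return 1 ;; esac
  addr=${1%/*} prefix=${1#*/}
  case $addr in .*|*.|*..*) return 1 ;; esac
  case $prefix in ''|*[!0-9]*|???*) return 1 ;; esac
  [ "$prefix" -ge 8 ] && [ "$prefix" -le 32 ] || return 1
  old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for o in "$@"; do
    case $o in ????*) return 1 ;; esac
    [ "$o" -le 255 ] || return 1
  done
}

# gen_ruleset LAN_IF TUNNEL_IF SRC_CIDR -> ruleset on stdout, status 2 on bad input
gen_ruleset() {
  lan_if=$1 tun_if=$2 src_net=$3
  valid_if "$lan_if" && valid_if "$tun_if" && valid_cidr "$src_net" || {
    echo "usage: gen_ruleset LAN_IF TUNNEL_IF SRC_CIDR" >&2; return 2; }
  cat <<EOF
table ip tg_gateway {
  chain forward {
    type filter hook forward priority filter; policy accept;
    # only the embedded subnet, arriving on the LAN side, may enter the tunnel
    oifname "$tun_if" iifname != "$lan_if" drop
    oifname "$tun_if" ip saddr != $src_net drop
  }
  chain postrouting {
    type nat hook postrouting priority srcnat; policy accept;
    # rewrite the source so the remote side sees the one Twingate client
    oifname "$tun_if" ip saddr $src_net masquerade
  }
}
EOF
}

# Script use: sysctl -w net.ipv4.ip_forward=1; ./this.sh eth0 sdwan0 192.168.10.0/24 | nft -f -
if [ $# -eq 3 ]; then gen_ruleset "$@"; fi
```

The embedded devices still need a route (or default gateway) pointing at the server for the destinations they should reach through the tunnel.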

OK cool. Glad to know this is feasible. I’ll try to get a Twingate system set up soon so I can start playing with this.