In this video, I show you how to set up Pangolin, a powerful open-source platform that combines a reverse proxy and VPN into a single ZTNA solution. We’ll go through the complete installation process, connect a remote site, and securely publish both public and private services, creating a self-hosted alternative to Cloudflare and traditional VPNs.
Notes#
Architecture Overview#
Pangolin is composed of several key components that work together:
- Pangolin Server: The central control plane with the web dashboard, API, and management system. It coordinates connections, manages access policies, and stores configurations.
- Traefik: The underlying reverse proxy that handles HTTP/HTTPS routing, SSL termination, and Let’s Encrypt certificate management.
- Badger: A required Traefik middleware plugin that intercepts requests and authenticates them with the Pangolin server before granting access.
- Gerbil: Manages the WireGuard tunnels between your remote sites and the Pangolin server. This is optional and only required for tunneling features.
- Newt: The lightweight software connector that runs on your remote networks (Sites). It establishes a WireGuard tunnel back to Gerbil to proxy local resources.
Instructions#
Follow the instructions on the official Pangolin documentation to set up your server and connect remote sites: https://docs.pangolin.net/self-host/quick-install
