by NetStrikeForce 3529 days ago
We partly do that at Wormhole. I say partly because you still have to be able to access one of our addresses. Port of last resort is 443/TCP, so it works on lots of tricky networks out there.

The idea is that all your IOT stuff establishes a connection to this server, creating an encrypted network between them. You then add your control servers to that network and job done. Your devices don't need any inbound access to talk to each other. All the connections are outbound, so no ports to open on your firewall and no risk.

You could do this by yourself, but we take that hassle out of your hands. Happy to help with custom deployments too outside our main service; it's a great way of learning our customers' needs.

It's hard, though, to have your exact setup as a service; it implies incoming VPN connections to the site where you deploy your IOT and a VPN server of sorts.

Our main focus was remote teams and devs having to use remote servers; however, IOT might be a killer use here.

https://wormhole.network

1 comments

Interesting, I have a few thoughts. Perhaps you could sell a preconfigured pfSense box (or make a Raspberry Pi image to start with) that, when plugged into the customer's router, creates a reverse tunnel via your service as well as a WiFi hotspot. Then offer the user a very simple firewall control panel and they can choose what devices to allow to the open internet and what to keep private and accessible via some sort of authenticated channel. Thus devices that contain sensitive data or require enhanced security (cameras, private network attached storage devices, home automation) and devices that require internet access (Amazon Echo) can both be served by the service.

Very nice service by the way. I have used ngrok in the past and found it invaluable for a few odd applications. I'll give it a try in future.

Hi!

Thank you for the feedback and the suggestion. It is a good idea actually. I'm considering new features in the roadmap, because at the moment I don't even offer Internet access through my system, it's just a private LAN (I'm not competing with the myriad of privacy-minded browsing VPNs out there). Adding a manageable Internet Gateway could be a nice option.

Developing and deploying a software+hardware piece would be very interesting too, so there's no need to deploy agents on the remote servers or IOT devices (on most of them you probably can't) and I take the hassle out of my customer's hands to set up e.g. a Linux gateway to route traffic through the tunnel.

A flexible gateway would be a great add-on; I also like a private DNS server while developing. If you offered a Postfix forwarder and static, clean IP addresses, you could attract home users who wish to host their own email but are behind dynamic residential connections (like me, I use a DigitalOcean droplet currently for that purpose).

Thank you again, your feedback is great!