twingate/connector

By twingate

Updated 3 months ago

Twingate's Connector

Image
Networking
Security
Developer Tools

10M+

Quick reference

What is the Twingate Connector?

Twingate makes Zero Trust Network Access easy to deploy, even easier to use, and always secure. Twingate is a central Zero Trust orchestration layer, so you can create a best-in-class security ecosystem without having to recut your network.

The Connector is a Twingate component that is deployed behind your firewall to provide access to private Resources.

Learn more about how Twingate works, explore Twingate use cases and read our Docker deployment guide.

Quickstart

To start a Connector, you will need an Access Token and a Refresh Token to run the Connector. These can be generated via the Twingate Admin Console or the Twingate API. For more information, see the Docker deployment guide.

Use the following command to start a single Twingate Connector:

docker run -d
    --sysctl net.ipv4.ping_group_range="0 2147483647"
    --env TWINGATE_NETWORK="twingate-network"
    --env TWINGATE_ACCESS_TOKEN=""
    --env TWINGATE_REFRESH_TOKEN=""
    --env TWINGATE_DNS="198.51.100.42"
    --env TWINGATE_LABEL_HOSTNAME="`hostname`"
    --env TWINGATE_LOG_ANALYTIcS="v2"
    --name "twingate-connector-name"
    --restart=unless-stopped
    --pull=always
    twingate/connector:1
Parameters
  • TWINGATE_NETWORK: Your Twingate network slug, e.g. <name> for the Network <name>.twingate.com.
  • TWINGATE_ACCESS_TOKEN: A time-expiring access token used to authenticate the Connector. Generated via the Twingate Admin Console or the API.
  • TWINGATE_REFRESH_TOKEN: A time-expiring refresh token used to authenticate the Connector. Generated via the Twingate Admin Console or the API.
  • TWINGATE_DNS: (Optional) A custom, locally resolver, DNS server for the Connector to use.
  • TWINGATE_LABEL_HOSTNAME: The local machine's hostname.
  • TWINGATE_LOG_ANALYTICS: (Optional) Enables local network connection logs. Set to "v2" to enable logs.

To make the Connector available on the host machine's local network, remove --sysctl net.ipv4.ping_group_range="0 2147483647". This is recommended when Clients may be on the same local network as the Connector as it will allow peer-to-peer connections.

Docker Pull Command

docker pull twingate/connector