Pangolin is an open-source, identity-based remote access platform built on WireGuard that enables secure, seamless connectivity to private and public resources. It functions as a VPN and proxy that spans multiple networks, allowing users to securely route traffic over WireGuard tunnels to any private network.
The platform enables users to deploy sites to expose and control applications with no deployment hassle, automatic scaling, zero infrastructure management, and always up-to-date functionality. It provides a unified dashboard where you can monitor, configure, and secure all services regardless of location. Pangolin supports SSO, OIDC, PIN authentication, passwords, and temporary share links while enforcing granular access rules based on identity and context.
Pangolin works by deploying site connectors to networks, creating WireGuard tunnels for secure traffic routing. The platform handles NAT traversal automatically and provides identity-based access control rather than traditional network-based approaches.
The platform reduces network and access control complexity while providing enterprise-grade security protection for applications. It enables secure remote access to internal applications and infrastructure by granting users and groups access to specific resources.
Pangolin serves organizations needing remote access solutions, with deployments reaching 981.1K instances. It integrates with various applications including Bitwarden, Grafana, APIs, frontends, microservices, and field cameras across different environments like AWS VPC, office networks, and edge devices.
admin
Pangolin serves organizations needing remote access solutions, particularly those requiring identity-based VPN alternatives. It targets users who need to securely connect to internal applications and infrastructure across multiple networks including AWS VPC, office environments, and edge devices. The platform is designed for teams that want to reduce network and access control complexity while maintaining enterprise-grade security with features like SSO, OIDC, and granular access rules.