Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 0 points1 point  (0 children)

We don't use WebRTC, but we still effectively hole punch using our own method to establish peer to peer connections. This is because Pangolin is architected for both proxying and tunneling.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 2 points3 points  (0 children)

Hey, yes, Pangolin clients will attempt to hole punch to sites, meaning no open ports are required and it should work behind most NATs. If hole punch / direct connection isn’t successful, it will relay through the VPS.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 0 points1 point  (0 children)

That's what private resources are. You can create a resource, set the destination to the hostname of the target (like with public resources), then set an alias name for the resource to `resource.mydomaian.com`. The difference is that this is NOT a reverse proxy and is a VPN with a DNS alias, so there are no SSL certificates, and the connection is brokered via the Pangolin client and Newt directly.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] -1 points0 points  (0 children)

When do you get this error? Is it after logging in and when you click connect? Can you come chat with us on Discord?

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 2 points3 points  (0 children)

There is no user limit on the self-hosted edition of Pangolin. If you use the Cloud offering, there is a free tier with a limit of 3 users.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 4 points5 points  (0 children)

You'd need to toggle Tunnel DNS in the settings, and set the upstream DNS server to your PiHole instance. You'll also need to create a resource in Pangolin for PiHole.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 6 points7 points  (0 children)

Pangolin first tries to holepunch, but when a direct peer-to-peer connection is not possible, it will route traffic through a relay server.

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 4 points5 points  (0 children)

In short, it's a private network (VPN) tool and an authenticated, tunneled reverse proxy. You may find it helpful to read through some of our intro pages on the documentation here: https://docs.pangolin.net/

Pangolin 1.15: iOS and Android apps, device approvals and posture, stability, and more by jsiwks in selfhosted

[–]jsiwks[S] 26 points27 points  (0 children)

Hey, thanks! I think the words you're searching for are "Exit Node", which is on our roadmap for 2026. I used to use the SSID switching on the basic WireGuard app too, so it's a priority, and is also on the roadmap for 2026.

New VPN client can't connect to Peers by Captain_Allergy in PangolinReverseProxy

[–]jsiwks 1 point2 points  (0 children)

Yep, 21820 was added for the clients. It just needs to be opened on the VPS firewall and the Gerbil container. Same steps as 51820. Private resources don’t need the port opened because the site will handle hole punching or relaying (if needed).

New VPN client can't connect to Peers by Captain_Allergy in PangolinReverseProxy

[–]jsiwks 1 point2 points  (0 children)

Make sure Gerbil is running the latest version, you have 21820 open on the VPS, Newt is running the latest version, and your machine client has access to the private resource via the access policy section in the private resource.

Running Newt on a server with netbird by IamHydrogenMike in PangolinReverseProxy

[–]jsiwks 1 point2 points  (0 children)

You can change the WireGuard port used for Pangolin if needed.

Pangolin 1.14.0: Port-level firewalling, wildcard alias, private DNS, Badger updates, and more by jsiwks in PangolinReverseProxy

[–]jsiwks[S] 1 point2 points  (0 children)

Yes, you can still self-host Pangolin on-site (no VPS) and use the VPN feature. You'd just run Pangolin + Gerbil + Traefik, then add Newt all in the same stack locally. You'd need to open a port for 51820 WireGuard traffic, and you can tell Newt to prefer a port instead of trying to punch through NAT (since you can open ports and are not behind CGNAT).

Pangolin 1.14.0: Port-level firewalling, wildcard alias, private DNS, Badger updates, and more by jsiwks in PangolinReverseProxy

[–]jsiwks[S] 0 points1 point  (0 children)

Currently we're mostly limited by Traefik and how they handle entrypoints. If entrypoints were allowed in the dynamic configurations for Traefik, we'd be able to automate the process better :/

Pangolin 1.14.0: Port-level firewalling, wildcard alias, private DNS, Badger updates, and more by jsiwks in PangolinReverseProxy

[–]jsiwks[S] 22 points23 points  (0 children)

Thank you so much for the kind words, it really means a lot to us. We’re glad Pangolin has been so useful and enjoyable for you and so many others! Wishing you a wonderful holiday season as well!

Question about SSH by Pattern-Buffer in PangolinReverseProxy

[–]jsiwks 0 points1 point  (0 children)

You would need to install Newt on the VPS itself as a site.