Why use ngrok for site-to-site connectivity?
- No inbound ports: The ngrok agent connects outbound over TLS on port 443. No firewall changes or open ports required in the remote network.
- No VPN complexity: Replace VPN tunnels, VPC peering, and custom networking with a single agent and a Cloud Endpoint.
- Centralized traffic control: Apply IP restrictions, authentication, rate limiting, and more using Traffic Policy—all managed from a single dashboard.
- End-to-end encryption: TLS termination at the agent or upstream service, including mTLS for zero-knowledge encryption.
Next steps
Quickstart
Get a basic site-to-site connection working in minutes
Full tutorial
Walk through a complete setup with multiple endpoints, mTLS, and IP restrictions
End customer guide
Share this reference with customers who need to understand why ngrok is being installed in their network
Running in Kubernetes?
Achieve private site-to-site connectivity with the ngrok Kubernetes Operator