- Configure an agent in a remote network
- Create a Cloud Endpoint
- Verify that traffic flows end-to-end
What you’ll need
- An ngrok account.
- The ngrok agent installed on a machine inside the remote network you want to connect to.
- A service running in the remote network that you want to reach (this quickstart uses port
8080as an example).
1. Configure an Internal Endpoint
Open the ngrok configuration file on the remote machine and add an Internal Endpoint that points to the service you want to access. You can do so by editing your config file with thengrok config edit terminal command. Update yours to resemble the following snippet.
ngrok.yml
YOUR_AUTHTOKEN with the authtoken from your ngrok dashboard.
Internal Endpoints are private endpoints that only receive traffic when a Cloud Endpoint forwards to them using the forward-internal Traffic Policy action.
Next, start the agent:
- Using ngrok.yml
- Using a different config file
2. Create a Cloud Endpoint
Cloud Endpoints are persistent, always-on endpoints managed from the dashboard or API. They use an attached Traffic Policy to handle incoming connections. Create a new Cloud Endpoint in the dashboard. After it’s created, you’re taken to the Traffic Policy editor view. Replace the default Traffic Policy with the following:3. Test the connection
Copy the URL of the Cloud Endpoint you just created from the dashboard, then send a request to verify traffic reaches your service:8080 in the remote network.
What’s next
- Configure site-to-site connectivity for a full walkthrough with multiple endpoints, mTLS, and IP restrictions.
- Set up a custom connect URL to white-label the agent connection for your customers.
- Install ngrok as a background service so the agent starts on boot and recovers from failures.
- Eliminate single points of failure by running redundant agents for high availability.
- Create Service Users to isolate and scope access per customer.