Privacy-first remote access without port forwarding, VPNs, or router configs. Pluggie creates an encrypted tunnel to your local devices in minutes. Your data never touches our servers unencrypted. Works behind NAT and CGNAT.
Free forever · 1GB included · No email or credit card required
You've got devices on your local network — Home Assistant, NAS, cameras, 3D printers — and you need to reach them remotely. But that means:
Pluggie creates an encrypted tunnel from your local device directly to your browser. Privacy-first by design — no middleman ever sees your data.
Security-first remote access with the flexibility to run on any Linux system.
Your traffic is fully encrypted between your device and your browser. Pluggie's relay servers forward encrypted data but never decrypt, inspect, or store it. SSL certificates are generated and stored on your device — not ours.
Control access by continent, country, specific IP ranges, or Basic Auth credentials. Your devices, your rules.
Let's Encrypt certificates issued and renewed automatically, handled directly on your device. Always HTTPS, zero effort.
Use your own domain — no transfer required. Or grab a free pluggie.net subdomain. Your choice.
Run as a dedicated Home Assistant app with one-click install, or deploy the Docker container on any Linux system — NAS, Raspberry Pi, VPS, or bare metal. If Docker runs there, Pluggie runs there.
Create account, paste access key, start the app or container. Home Assistant needs one extra trusted-proxy line — your dashboard guides you through it.
Sign up instantly — no email address or credit card required. You'll receive your unique access key right away.
Pick Docker or Home Assistant. Your dashboard walks you through the rest.
Paste your access key into the app settings or Docker container environment variable. Some apps — like Home Assistant — also need a one-time trusted-proxy entry, which your dashboard and docs walk you through.
Start the app or container. The encrypted tunnel is established automatically — no router configuration whatsoever.
Set up geographic filtering, IP allowlists, and Basic Auth to control exactly who can reach your devices.
How the connection works
Traffic is end-to-end encrypted from your browser all the way to the device where Pluggie runs. The relay server never decrypts your data.
If it has a web interface on your local network, Pluggie can make it securely accessible from anywhere.
Control your smart home, check dashboards, and manage automations from work, travel, or anywhere.
Access router admin, Pi-hole, Proxmox, or any management interface from anywhere. No VPN client needed.
Reach your Synology, TrueNAS, or any file server without VPN hassle.
Receive webhooks from GitHub, Stripe, or any external service directly on your local machine — no ngrok needed.
Access Nextcloud, Gitea, Jellyfin, Pi-hole admin, or any web-based tool remotely.
Monitor Grafana, Node-RED, sensor feeds, or expose local dev environments for testing.
Start free with no strings attached. Upgrade when you need more.
Free tier: 1GB at full speed, then 128Kbps until 30-day reset. Paid tiers: data resets every 30 days from payment date. All plans include end-to-end encryption and automatic SSL certificates.
We built Pluggie because existing solutions weren't good enough. Here's why.
| Pluggie | Nabu Casa | Cloudflare Tunnel | Tailscale | Homeway | |
|---|---|---|---|---|---|
| Price | Free / £5 mo | $6.50 /mo | Free | Free / $5 mo | Free / $3.49 mo |
| Free Tier | ✓ Data-limited | 31-day trial only | ✓ | ✓ (3 users) | ✓ Data-limited |
| No Email Signup | ✓ (free tier) * | ✕ | ✕ | ✕ (SSO required) | ✕ |
| End-to-End Encryption | ✓ ** | ✓ ** | ✕ (TLS at edge) | ✓ (WireGuard) | ✕ (not supported) |
| Encryption Integrity Check | ✓ Active status in UI | Manual fingerprint only | ✕ (no E2E) | ✓ (built into VPN) | ✕ (no E2E) |
| Built-in Geo/IP Filtering | ✓ | ✕ | Via WAF rules | ✕ (ACL only) | ✕ |
| Custom Domain | ✓ (Paid plans) | ✓ (via CNAME) | ✓ (requires CF DNS) | ✕ (MagicDNS only) | ✕ |
| Free Subdomain | ✓ pluggie.net | ✓ nabu.casa | ✕ (temporary only) | ✓ tailnet domain | Private link only |
| Docker & Home Assistant Support | ✓ | Home Assistant only | ✓ | ✓ | ✓ |
| Works Behind CGNAT | ✓ | ✓ | ✓ | ✓ | ✓ |
| Setup Complexity | ~5 min | ~5 min | ~15 min | ~10 min | ~2 min |
* Pluggie's free tier requires no email or credit card. Paid plans use Stripe for payment processing, which requires an email at checkout.
** Both Pluggie and Nabu Casa generate SSL certificates on your local device and relay encrypted traffic through a proxy server that never decrypts your data. With any relay-based service, the provider theoretically controls the domain and could issue alternative certificates — Nabu Casa has openly acknowledged this, which we respect. Pluggie actively displays encryption integrity status in its web dashboard, Home Assistant app sidebar, and Docker local UI. Nabu Casa provides a manual certificate fingerprint comparison method but has not yet implemented the automatic CT audit they have been exploring. Homeway's security documentation describes a relay architecture where requests are tunneled through their servers to your device — E2E encryption is not part of their model; they use a two-layer authentication approach instead. Cloudflare Tunnel terminates TLS at their edge servers. Tailscale uses WireGuard E2E but requires a VPN client on every accessing device.
Start free in about 5 minutes. No email, no credit card, no router config.