IoT

Remote access to IoT devices behind NAT.

Reach a Raspberry Pi, industrial gateway, or field device without VPN appliances. Open a short-lived TCP/HTTP tunnel when you need to debug, then close it.

How it works

  1. 1

    Install on the device or a companion host

    Linux ARM binaries work on Raspberry Pi-class hardware.

    brew install rustunnel
  2. 2

    Tunnel the management port

    HTTP for a local dashboard, TCP for SSH or MQTT bridges.

    rustunnel tcp 22 --server eu.edge.rustunnel.com:4040
  3. 3

    Connect, fix, close

    Use the public endpoint for the maintenance window, then stop the client so the device is no longer reachable from the internet.

Why rustunnel

  • Outbound-only connectivity

    Devices dial the edge — no inbound firewall rules at the site.

  • Self-host for fleet control

    Run your own rustunnel-server so device traffic never leaves your infrastructure.

  • Pairs with AI agents

    An on-call agent can open a tunnel, run diagnostics, and close it via MCP when human hands aren't nearby.

Pricing that matches how you work

Open a tunnel only when you need it — idle devices cost $0 on pay-as-you-go.

Quick start: brew install rustunnel

Create a free account

FAQ

How do I get remote access to an IoT device behind NAT?+

Install the rustunnel client on the device (or a gateway on the same LAN), open a TCP or HTTP tunnel to the management port, and connect through the public endpoint.

Is this a full VPN replacement?+

For targeted admin access, often yes. For always-on mesh networking across hundreds of sites, evaluate Tailscale/WireGuard — rustunnel shines for on-demand service exposure.

Can I self-host for compliance?+

Yes. AGPL self-hosting keeps tunnel traffic on your servers. Managed cloud is optional convenience, not required.