Remote access for device fleets
Your devices sit in customer networks you don't control. ProxyPass gives you secure access — no VPN, no port forwarding, no firewall changes on their end.
ProxyPass is a remote access platform for companies that deploy hardware or software into networks they don't own: EV chargers, digital signage, kiosks, vending, and on-premise installs.
Typical pilot: first invoice is €0.
Who it's for
Any business that puts hardware or software into networks they don't own faces the same problem. ProxyPass solves it.
Monitor and update charging stations deployed across parking garages, hotels, and corporate sites — without touching their firewalls.
→ push an OCPP config to 40 sites before 9 AM
Push content updates and pull diagnostics from screens and terminals in malls, airports, and retail locations.
→ RDP into the player stuck behind the mall's CGNAT
Manage inventory systems, payment terminals, and vending machines sitting behind customer networks at scale.
→ pull last night's sales from 200 machines
Access Shelly, Tasmota, KNX gateways, and other HTTP-based devices in customer LANs through a simple REST call.
→ toggle a Shelly relay in a customer LAN with one REST call
Remote-maintain your software installations in customer data centers without requiring them to open ports or set up VPNs.
→ SSH into the on-prem box and ship a hotfix
Service and monitor infrastructure across all your client networks from a single pane of glass.
→ reach every client site from one console
Running devices in networks you don't control?
How it works
Install a lightweight node on any machine in the target network. It connects outbound — no open ports, no firewall changes, no VPN needed on the customer side.
Paste one script, hit enter. The node connects outbound and is live in under 5 minutes. Nothing to configure on the customer side.
$ curl -sSL "https://proxypass.cloud/api/downloads/install.sh?key=…" | sudo bash
— that's the whole installUse the node as a proxy, send API calls through it, or mount its files. Three modes, pick what fits your workflow.
Point your browser, SSH client, or RDP at the proxy. All traffic exits from the customer network — full LAN and internet access.
Send a standard HTTPS request with three headers. ProxyPass relays it through the tunnel to any HTTP device behind the node and returns the response.
Mount the filesystem behind the node as a network drive. Browse logs, pull files, drop in a patch — straight from your file explorer, no SSH session needed.
How it compares
The honest comparison — against the three things teams usually reach for to access devices in someone else's network.
| ProxyPass | Site-to-site VPN | Remote-desktop tools | Port forwarding | |
|---|---|---|---|---|
| Firewall changes on their side | None | Required | Often | Required |
| Customer IT sign-off needed | No | Yes | Sometimes | Yes |
| Works behind CGNAT / LTE | Yes | No | Depends | No |
| Scriptable access | Proxy + REST + WebDAV | Network-level | GUI-first | Per port |
| Reaches the whole LAN | Yes | Yes | Single host | Single service |
| Added attack surface | None — outbound only | Broad network tunnel | Vendor agent | Open inbound port |
| Cost model at 150 sites | €699/mo, per node | Hardware + config per site | Per-seat licenses | Per port + DDNS |
Comparisons are against the general approach, not any specific product. Want the detail? See vs. VPN, vs. remote desktop, and vs. port forwarding.
For your customer's IT
Every deal in this market hinges on one question: "what does this do to our network?" Here is the answer you can give them — in writing.
One outgoing TLS connection — traffic patterns indistinguishable from a routine software update check. Nothing inbound, nothing to scan.
The node connects outward. No listening port, no inbound rule, no scannable surface added to the customer network.
All tunnel traffic is TLS encrypted. Data never leaves the tunnel unprotected, end to end.
Servers in Germany, data stays in the EU. Built for GDPR — not a US cloud with an EU label.
Define exactly what a node may reach and what may reach it — rules per node and per group. Least privilege right at the tunnel.
Groups above 500 nodes can run on their own isolated server, up to 1 Gbit/s — on request.
A public security report you can hand straight to your customer's IT department — no NDA, no sales call.
Read the security overview →Pricing
Graduated volume pricing. Fair-use traffic included. No setup fees, no hidden costs. Billed by the day — you only pay for the days a node actually exists.
FAQ
ProxyPass is a remote access platform for companies that deploy hardware or software into networks they don't own — EV chargers, digital signage, kiosks, vending machines and on-premise installations. A lightweight node makes outbound-only connections, so you reach your devices without VPNs, port forwarding or firewall changes on the customer side. It is not related to the Apache mod_proxy ProxyPass directive.
No. The node connects outbound over TLS, like any software calling home for updates. There is no inbound port to open, no firewall rule to add and nothing to configure on the customer network.
A site-to-site VPN needs configuration and sign-off on the customer's network and opens a broad link between two networks. ProxyPass installs a single outbound-only node, needs no customer-side IT involvement, works behind CGNAT and LTE, and exposes only the access you define per node and per group.
Three access modes: a CONNECT proxy for any TCP protocol (SSH, RDP, browsers, MQTT and more), a REST bridge that relays a single HTTPS request to any HTTP device on the LAN, and a WebDAV file mount that exposes the node's filesystem as a network drive.
One outgoing TLS connection from the node, with traffic patterns indistinguishable from a normal software update check. No listening port, no inbound traffic, nothing scannable. You can hand them our independently verified security report.
Yes. Servers are hosted in Germany, data stays in the EU and the service is built for GDPR compliance — not a US cloud with an EU label.
Pricing is per node, graduated from €5.00 down to €3.00 per node per month at volume — for example, 150 nodes is €699/month. Billing is by the day, so a node added on the 29th only costs the remaining days (€5 × 2/31 ≈ €0.32). Groups above 500 nodes can run on dedicated, isolated infrastructure on request.
Under five minutes. You paste one install command on any machine in the target network, it connects outbound and the device is reachable. Typical pilot onboarding is within 24 hours.
Start a pilot. We onboard every customer personally to make sure your deployment scales from day one.
Typical pilot: first invoice is €0 · onboarding under 24 hours