meshr / Platform / Tunneling
Tunneling

Expose any service, securely.

Create HTTP and TCP tunnels in seconds. Share dev servers, databases, or APIs with your team — all protected by Zero Trust policies and optional authentication.

  • HTTP tunnels with custom subdomain routing
  • TCP tunnels for databases, Redis, gRPC, anything
  • Basic auth, bearer token, or header-based protection
  • Bandwidth tracking and audit logging
Get early access Learn more →
meshr tunnel
# Expose local dev server to your team
$ meshr tunnel http 3000 --name my-app
 Tunnel active: https://my-app-acme.tunnel.meshr.to

# Expose PostgreSQL for remote access
$ meshr tunnel tcp 5432 --name staging-db
 Tunnel active: tcp://tunnel.meshr.to:34567

# Add authentication
$ meshr tunnel http 8080 --name api \
    --auth bearer --token sk_live_abc123
 Tunnel active: https://api-acme.tunnel.meshr.to
  Auth: Bearer token required

# List active tunnels
$ meshr tunnel list
NAME        PROTO  LOCAL   PUBLIC URL                  AUTH
my-app      http   :3000   my-app-acme.tunnel.meshr..  none
staging-db  tcp    :5432   tunnel.meshr.to:34567       none
api         http   :8080   api-acme.tunnel.meshr.to    bearer
3 tunnels active
How it works

Your service stays on your machine.

meshr handles the routing, encryption, and access control.

Internet

Browser or client

my-app.tunnel.meshr.to

meshr Cloud

Reverse proxy + auth

Policy checkAuth validation

Your Machine

Agent + local service

localhost:3000
gRPC tunnel (encrypted)

Share dev servers

Show your work to teammates or clients without deploying. One command, instant public URL.

$ meshr tunnel http 5173 --name demo
 https://demo-acme.tunnel.meshr.to

Remote database access

Connect to staging or production databases from anywhere. No VPN, no port forwarding.

$ meshr tunnel tcp 5432 --name pg
 tcp://tunnel.meshr.to:34567

Webhook testing

Receive webhooks from Stripe, GitHub, or any service directly on your local machine.

$ meshr tunnel http 4000 --name hooks
 https://hooks-acme.tunnel.meshr.to
Protocols

Two protocols, unlimited possibilities.

HTTP Tunnels

Web apps, APIs, webhooks

  • Custom subdomain routing (my-app.tunnel.meshr.to)
  • WebSocket pass-through
  • Request header injection (X-Forwarded-For, etc.)
  • Optional auth (Basic, Bearer, custom header)
  • HTTPS termination at edge
# React dev server
$ meshr tunnel http 5173 --name frontend
 https://frontend-acme.tunnel.meshr.to

# With basic auth
$ meshr tunnel http 3000 --name staging \
    --auth basic --user admin --pass s3cret

TCP Tunnels

Databases, Redis, gRPC, SSH

  • Random or fixed port allocation
  • Any TCP protocol (PostgreSQL, MySQL, Redis, etc.)
  • Bidirectional data streaming
  • Auto-close when device goes offline
  • Bandwidth tracking per tunnel
# PostgreSQL
$ meshr tunnel tcp 5432 --name pg-staging
 tcp://tunnel.meshr.to:34567

# Connect from anywhere
$ psql -h tunnel.meshr.to -p 34567 -U app
Standalone tunnel tools vs meshr

Why not just use a standalone tunnel tool?

meshr tunnels are part of your mesh network — not a separate service with separate billing.

Standalone tunnel SaaSmeshr
Mesh VPN included No (tunnel only) Yes — full mesh network
SSH access No Built-in web terminal
Access policies Basic Full Zero Trust engine
TCP tunnels Paid plans only All plans
Self-hosted No Yes — your infrastructure
Session recording No Built-in
Custom auth Limited Basic, Bearer, Header
Price $8-25/user/mo Free tier + fair pricing

Spin up a tunnel in seconds.

Every feature is unlocked while we're in beta. No credit card, no commitments.

Get early access See pricing →