Skip to main content

Connect to MCP servers in a private network

Reach MCP servers running inside your VPN, VPC, or private subnet—you run a small reverse proxy that dials outbound to a MintMCP-hosted tunnel endpoint, and MintMCP routes requests to your internal servers through that connection.

Available on MintMCP Enterprise plans.

When to use the private network tunnel

  • Your MCP server runs inside a VPN, VPC, or private subnet that MintMCP can't reach directly
  • You don't want to open inbound firewall rules, set up VPN peering, or pin static egress IPs
  • You need MintMCP's authentication, policy, and audit logging to apply to those internal servers

For MCP endpoints already reachable on the public internet, use Add a remote MCP instead.

How it works

MintMCP runs a tunnel endpoint outside your network, and you deploy a reverse proxy inside your network configured with the tunnel URL and a shared secret. The proxy opens a persistent, TLS-encrypted connection outbound to the endpoint and holds it there.

Setup diagram: the reverse proxy inside your network dials outbound to the MintMCP tunnel endpoint over TLS, authenticated by a shared secret

Once the tunnel is up, the runtime path for any MCP request is:

  1. A client sends an MCP request to MintMCP from wherever it runs
  2. MintMCP authenticates the call and applies gateway policy
  3. The request is forwarded down the open tunnel to your reverse proxy
  4. The proxy calls the internal MCP server over whatever transport your network already provides (plain HTTP on a private subnet, mTLS, service mesh)
  5. The response travels back along the same path to the client
Runtime diagram: a request flows from the MCP client through the MintMCP gateway, down the persistent tunnel to your reverse proxy, and into the internal MCP server

What you deploy and configure

The reverse proxy ships as a single container, available as a Helm chart or an npm package. It runs as a non-root user, exposes no Service, and has no inbound ports — the only traffic it ever sends is outbound 443 to MintMCP.

You configure two values:

SettingDescription
Tunnel URLThe MintMCP-hosted endpoint the proxy connects to
Shared secretA per-tunnel secret the proxy presents on connect

You don't configure a list of upstream URLs in MintMCP—your network policy decides which internal hosts the reverse proxy can reach, so the trust boundary stays where your security team already manages it.

Security properties

  • Outbound-only: every connection is initiated from your side, so no inbound firewall rules are required and no static MintMCP IPs need to be allowlisted
  • Encrypted and authenticated: the tunnel is TLS end-to-end, and each tunnel is authenticated by its own shared secret
  • Network policy as the trust boundary: access to internal services is governed by your network policy, not by URLs configured in MintMCP
  • Rotation without downtime: shared secrets can be rotated without dropping the tunnel
  • Audit trail: every request and response through the tunnel is logged with the same identity and policy context as any other MintMCP request

To provision a tunnel for your environment, contact us.