diff --git a/content/tips/go-mod-proxy.md b/content/tips/go-mod-proxy.md
new file mode 100644
index 0000000..d1390ad
--- /dev/null
+++ b/content/tips/go-mod-proxy.md
@@ -0,0 +1,33 @@
+---
+title: "Fetching Go Modules via `goproxy` Inside VPN"
+date: "2023-06-22"
+---
+
+I think I finally setup the holy grail of universally being able to
+fetch-by-proxy go modules through a firewall using
+https://github.com/goproxy/goproxy
+
+On your internal host (such as your work machine), run the following:
+
+```shell_session
+GOPRIVATE=git.company.com GOMODCACHE=~/go goproxy server --address localhost:9981
+```
+
+On external host (such as a network isolated Linux VM): 
+
+```shell_session
+ssh -L 9981:localhost:9981 $INTERNALHOST &
+GOPROXY=http://localhost:9981,direct go mod tidy
+```
+
+Of course, the tunneling is optional and you can use a non-`localhost`
+`--address` when running `goproxy server`, but then of course you are dealing
+with this proxy being open on the LAN, which may upset security in some cases.
+
+And bam! Now you can fetch go modules as if you're on the VPN even if you're not
+on the VPN.
+
+You can use something like `go env -w GOPROXY=http://localhost:9981,direct` to
+avoid prefixing all your `go` commands with the environment variable. Obviously,
+this can cause things to break weirdly if/when the `goproxy server` dies or the
+tunnel is disconnected. Tread lightly!