Allow configuring the protocol used by warp teams

poscat · October 24, 2022, 3:31am

Currently, the protocol for warp teams (Cloudflare zero trust) is set to warp+doh and is not configurable. This causes issues because my ISP is blocking access to 1.1.1.1 DoH (yes… there are ISPs that does this). This can be solved by using the warp protocol, which tunnels both normal traffic and DNS. But unfortunately, this is impossible right now.

It would be nice if the protocol can be configured (by either the user or the admin). Also, are there any reasons why this is explicitly disabled for warp teams?

cscharff · October 24, 2022, 11:15am

Unfortunately there is no way to transmit identity information without using DoH. So queries would not have the organizational policies applied nor would they be associated with the org.

poscat · October 24, 2022, 11:38am

I see. Wouldn’t the source IP address suffice to determine the identity of the requester?

poscat · October 27, 2022, 7:48am

Would it be possible to configure warp so that it sends the DoH traffic inside the tunnel?