Argo Tunnel on KEMP loadbalancer

After reading https://developers.cloudflare.com/access/about/quick-start I am stuck on how to setup an argo tunnel if the endpoint is a loadbalancer ? I can’t setup cloudflared on it. The loadbalancer is KEMP. I could not find anything on the cloudflare KBs for on-prem loadbalancers. Any clues ?

The only thing I can think of would be to put a box in front of it that can run cloudflared.

@sdayman and then ? the cloudflare tunnel will terminate on that box with a different internal IP … That won’t work.

If it terminates on a box with an Ingress Rule that points to the local IP address of your Load Balancer, I’d think that would connect. I’ve not tried this and I could be wrong.

@sdayman If the local IP is different from the IP of the loadbalancer I don’t see how this would work. Unless you can just have 1 server inside your network handling all the cloudflare tunnels for other local servers. But That is not how Cloudflare Access was designed… or is it ?

Cloudflare Tunnel is a CNAME in your DNS page here. People who connect to that hostname get their traffic sent over the tunnel to the endpoint. The endpoint Ingress Rules includes a service: line with the URI https://123.123.123.123:443

1 Like

Argo documentation is very minimal :frowning: I would like to have some real docs.

This isn’t Argo or Access. It’s here:
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup

@sdayman is there a place we can private message ?

@sdayman Its argo. When you perform a cladflared tunnel login you are sent to the Argo tunnel page.

If anyone else can guide me through this ? I am willing to privately share some details as to explain what I want to achieve.

As part of that change (and to reduce confusion), we’re also renaming the product to Cloudflare Tunnel. To get started, sign up today.

From this blog post:

This is Argo:

@sdayman Now I am even more confused. Without any useful guides here I am moving to another product. Nice that they have these features but its lacking proper documentation.

Where is the dislike button ?

This is how Cloudflare Tunnel works. If your load balancer does not allow you to access the terminal and install cloudflared then you need another server just to handle the ingress traffic coming from Cloudflare to your load balancer

Also I saw you keep asking about documentation. Try refer to this when you are crafting your configuration file, just that the service should point to your load balancer private IP address instead of localhost. I believe it shouldn’t be difficult to understand.

https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/config

2 Likes