CF warp tunnel into lan for warp devices only

Hello to you for reading this 🙂

  • What I am trying to do

What I am trying to do is get access to a LAN domain for the devices that have WARP.

Maybe I did not understand the documentation correctly, so here is what I did:

  • firewall: allow regex all from user registration domain, block regex does not match user registration domain
  • split tunnels: Include IPs and domains → added domain.lan and ip 192.168…
  • Access → Tunnels → Private Network: 192.168…

What am I doing wrong?
What am I missing?

Forgot to put on the done list: cloudflared is running on the server and registered via link.

I’m not sure I understand what you’re trying to achieve. Do you want to exclude LAN traffic from WARP? Or do you want to use WARP to access your LAN network while on the go?

Yes, I want to do this. Sorry, English is not my main language.

You have to install cloudflared on a server on your local network. Take a look at this tutorial on how to connect a private network to Cloudflare: Connect private networks · Cloudflare Zero Trust docs

One note for anyone reading and checking the docs: help.teams.cloudflare.com needs to be included in the “Include IPs and domains” list for split tunnel, or the test will fail.

I can get the tunnel to work for a subdomain.example.com but not for example.lan … I wonder if I need to run cloudflared + tunnel at network level instead of on the actual server in order for the tunnel to get the LAN domain.

Domains like example.lan are not public and can only be resolved by your local DNS server (most likely your router). When using WARP, DNS requests are resolved by Cloudflare’s public resolver.

It is technically possible to use local TLDs together with WARP, but you’d need to configure “Local Domain Fallback” in the WARP client and manually set your OS DNS resolver to your router’s IP address. I would recommend just using a public TLD instead.