I have been looking into utilizing clouflare access for an RDP tunnel. Currently I am pretty impressed seems to be working well.
I’m just wondering if there is any way to run the cloudflared.exe piece as a service from the workstation that is connecting to the tunnel? Or does the user need to run the command/use shortcut in order to initiate the connection?
I did build a batch script the fires up a silent cmd prompt with connection and then opens rdp automatically which works well but might be overkill if there is a way to run it as a service.
From what I have found so far only the tunnel side can be run as a service.
Hi @3Sherpas As per your request I’m just wondering if there is any way to run the cloudflared.exe piece as a service from the workstation that is connecting to the tunnel? Have you checked cloudflared as a service.
I have read that document. But the service only seems to run with the tunnel flag. Is it possible to run it with access rdp instead? Aka always on persistent tunnel
Curious if there’s any way to do this. I’ve tried to add the access options to the service, but it only seems to pop up the login page if you run it in a command prompt under the users.
I don’t believe that it is possible to run the client as a service at this time because I don’t believe that the service can open a browser windows for you to authenticate. I might be mistaken on this but have yet to find a way.
I have created a couple very basic script files to workaround the need to keep CMD prompt window open while using session. I have added these files to github so that others can look/use them -
In a nutshell here is what the scripts do
launch a silend cmd windows with cloudflared.exe command in it
launch a rdp session from command prompt which should open a browser for Cloudflare access auth
cloudflared process gets killed once the RDP session is closed.
It’s probably not the best solution but I have deployed this to a handful of users and have not heard any complaints/issues yet.
Thanks, I’ll check that out. I was hoping that launching as a system service would allow a user to trigger the login browser when starting the RDP session, but no such luck.