Not exactly, there are several related services hosted on the same remote server, currently accessed over a Wireguard tunnel. Client machines speak to the server on multiple ports, and most of of the services are HTTP, but one is not.
I have two issues with trying to use CF for Teams to replace Wireguard and maybe you can point me in the right direction.
The first problem is that the behavior of the non-HTTP TCP service does not seem to work with CF for Teams. I tried to use CF for Teams bastion mode to have a separate VM sitting next to it to deal with this, but the problem is that the license key server that runs on this server sees the server address being used by the client in the handshake from the client. With bastion mode that meant the client requesting a key was telling the license key server that it was connecting to “localhost:5000” for example. The license key server knows its address as part of its own key, so it does not believe it is called “localhost” and immediately closes the port. Queries to that license key service need to be addressed to either to its non-routable IP or its FQDN.
The second issue is what made me create this question on the forum - performance issues that appeared after rolling out browser isolation. A collaboration service runs on the same server as the license key service. This can be accessed with a thick and a thin/browser client. My initial test user did not report that there were intermittent performance and stability issues with the thin client after I enabled browser isolation for their account, and they were not a thick client user. When I broadened the rollout to a mix of thick/thin users it became clear that for some reason even though the non-routable range being forwarded over the Wireguard tunnel was excluded from browser isolation, it was causing intermittent connection failures and timeouts for both the thin and thick client (which had different behaviors apparently due to different timeout tolerances). I rolled browser isolation back from all users, then spent some more time testing the thin client in my own environment and just poked through the user interface while turning CF for teams on and off. The impact on login time and load times was very noticeable and if you poked it enough you’d get a timeout on occasion.