Cloudflare Tunnel Site-to-Site?

Hello,
I have a question.
Is it possible to build a tunnel from the SFTP server via Cloudflare to the storage server?
So that the outgoing traffic from SFTP goes via CloudflareTunnel 1 to Cloudflare and from there via CloudflareTunnel 2 to the storage and back (encrypted)?

Example:
SFTP Server (10.0.0.50) <-> CloudflareTunnel-1 “SFTP Server” <-> Cloudflare <-> Cloudflare Tunnel-2 “Storage-Server” <-> Storage (Second Private Network 192.168.1.50)

Thank you

The private network routing feature of Cloudflare Tunnels is point-to-site - meaning that it requires a client on the device that is accessing the remote network advertised by Tunnel.

I.e. your SFTP server would have WARP and that’d allow it to talk to your storage network, which would have cloudflared somewhere to act as the ‘gateway’ into the network.

This means that the SFTP server can initiate a connection and talk back and forth with the storage network but not the other way around - if you wanted storage to be able to initiate a connection as well then you’d do the same setup but in reverse.

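A sketch of the storage-side connector for the setup described in the reply above, added here as an example and not taken from the thread or from Cloudflare's documentation. The tunnel name `storage-net`, the `<TUNNEL-UUID>` placeholder and the file paths are assumptions; the route is limited to the single storage host from the question.

```yaml
# config.yml for cloudflared on a host inside the storage network
# (the 'gateway' into 192.168.1.x). Constructed example; names are assumptions.
#
# One-time setup on this host:
#   cloudflared tunnel login
#   cloudflared tunnel create storage-net
#   # Advertise only the storage host, not the whole subnet:
#   cloudflared tunnel route ip add 192.168.1.50/32 storage-net
#   cloudflared tunnel run storage-net
#
# Client side (the SFTP server, 10.0.0.50):
#   - install WARP and enroll it in the same Zero Trust organization
#   - make sure the device profile's Split Tunnels setting does not exclude
#     192.168.1.50; private ranges are excluded by default, so the route
#     is otherwise never sent through WARP
#   - connections can only be initiated from this side
#
# To narrow access further, add a Gateway network policy that allows only
# the SFTP server's identity to reach 192.168.1.50 on TCP port 22.

tunnel: <TUNNEL-UUID>
credentials-file: /root/.cloudflared/<TUNNEL-UUID>.json

# Lets this connector carry private-network traffic from WARP clients.
# No ingress rules are needed when the tunnel only serves routed IP traffic.
warp-routing:
  enabled: true
```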

Hi,
Thank you @KianNH. I will try it.

Now I have a second question: is it possible to use the SFTP protocol with Cloudflare Tunnel?

Storage(SFTP) <-> CloudflareTunnel1 <-> Cloudflare <-> CloudflareWARP/Access <-> e.g. BackupServer(SFTP/ is Client)

Thank you guys

WARP/Private Network routing is any TCP & UDP traffic - no ICMP.

Thank you very much @KianNH, my test worked now.
I only have a few questions to check my understanding.
What I understand is that you can run one or more tunnels inside the infrastructure.
In my example/lab: 1 server with Proxmox, and you have multiple VMs:
Proxmox
|->VM1
|->VM2
|->VMN

What I understand from the docs is that you can run a cloudflared tunnel on VM1 and configure it to protect VM2/VMN applications, OR you can run a tunnel on each VM. Is that right?

If yes, can you install the Cloudflared Access CLI on VM1 and connect VM2 to remote storage? I.e. VM2 Backupserver <-> VM1(Cloudflared Access CLI) <-> Cloudflare <-> CloudflareTunnel1 <-> StorageServer(AnotherDatacenter)
Or do you need cloudflared access/WARP on each VM that wants to connect to the protected application/server?

Thank you very much for your help
Pedi