Configure Cloudflare DNS (NOT WARP) on WireGuard

I have an Android device with the Cloudflare app. It works so well, but there’s just one problem I have with it: it cannot be used with the YouTube app, and that’s a major problem. On, I use this video for reference (Pokémon Sword & Shield - Title Screen (HQ) - YouTube), it loads with no buffering on 720/1080p, but I can’t get the same experience in the YouTube app cuz the Cloudflare app just won’t allow it.
So I tried configuring Warp on the WireGuard app with this (GitHub - maple3142/cf-warp). It works with YouTube better, but now multiple other apps complain that I’m using a proxy or private IP address (they pick up the Allowed IPs are of as well as ::/0. So I tried multiple ways to use WireGuard without apps thinking I’m on a private network, but every single time I try, I lose the non-buffer experience on YouTube and other video apps (because for some reason, the allowed IPs MUST ONLY be AND ::/0). I constantly have to make that tradeoff between no buffering and restricted access to no-private-IP sites, and I’m at my wit’s end.
Another thing I find out is that Warp sometimes causes the same privacy issues on certain cites, but the normal in the app doesn’t (I don’t buffer on either way)

So here’s the question: how can I configure WireGuard to work EXACTLY the way the Cloudflare app does, but with the, NOT Warp
Someone who can test this and help me out would be MUCH appreciated. Thank you.

1 Like

Your output config could probably be configured the way you want by removing the AllowedIPs directives at the bottom and replacing it with this:

AllowedIPs =,

Since the Interface section of the config contains DNS = this should tunnel UDP DNS over wireguard but leave the rest of your traffic unaffected. Whether or not apps still see you as on a “private” network is unknown as they likely don’t all use the same mechanism for doing so - I could imagine a check being to see if a VPN is connected at all and then to assume it’s private if so.

But, you should know that this is NOT how the App works. The App works by creating a VPN, intercepting all UDP DNS requests, and forwarding them via DNS over HTTPS (DoH). The above config should be pretty similar to DoH since it uses Wireguard to tunnel and then send all DNS requests to CF, but it’s not the exact same as the app. If you want that experience, you could set up DoH in your browser or in Windows (in the future - it’s currently only on insider builds)

1 Like

Well, thanks for the tip. I tried those IPs and no longer do websites see my IP address as private, but I still encounter buffers in (maybe not as bad as before, but still)

1 Like

By chance, have you tried with other Wireguard hosts/VPNs? If there’s still buffering it might be because of Wireguard in general, but I can’t attest to that.

1 Like

I don’t know how to successfully start a new WireGuard host from scratch, so I can’t say. I just know that so long as the IP is I can stream my videos just fine. I use but still buffers from fine to time.
In WireGuard, the data transfer was double-digit MBs for the private IP. The ones that you gave me, along with others I’ve tried were just under 30KB. I’m hoping to find one that is closest to the private IP’s speed.

I did some deeper digging, and according to this (Using Warp config on WireGuard without IP · Issue #28 · maple3142/cf-warp · GitHub) the may not be the problem. It might be the endpoint, which is That’s a private endpoint from what I understand here (GitHub - sshwispio/wireguard), and that there is a public endpoint I can use. Help me out here please, cuz I’ve been searching for something like that with no luck whatsoever

If you enable your custom wireguard config and go to my ip - Google Search, does it show your real IP or a Cloudflare warp IP (which usually starts with 8.)?

Yes, it does. If it helps, it’s


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.