Configuring a tunnel for SIP, need UDP and TCP on the same subdomain

I want to install a PBX on a Raspberry Pi that is on my home network with a dynamic IP address. I want to avoid opening ports on my router.

The PBX, uses the following protocols and default ports :
RTP (through UDP) : 1024 - 65535
UDP : 5060
TCP : 5060
TLS : 5061

The Raspberry Pi is running Cloudflared. How can I configure the tunnel to allow this traffic and block everything else?

Thank you for your assistance.

I forgot to add, my cloudflare account is already set up with a domain name and I would like these ports to all be accessible through the same subdomain.

Cloudflare Tunnels use Cloudflare’s proxy, which only supports proxying HTTP Traffic. If you want to use non-http applications over your tunnel, Cloudflare has a few other options, which require software to be installed on the connecting client. If that doesn’t work for you/you need public access to non-http applications without the connecting client installing software, Cloudflare’s other products that can do that is Spectrum Enterprise or Magic Transit, neither of which have any integration with tunnels (i.e you’d still have to port forward), and they are both behind Enterprise agreements.

If that does work for you, since you want to use Arbitrary UDP, and multiple ports as well as TCP, you can use Private Networking with WARP, and you need to install WARP (logged into your Zero Trust team) on the device that you want to be able to connect to those services:

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.