Help with Wireguard and Cloudflare Tunnel

My ISP uses CGNAT and hence I am unable to use wireguard.
I read that I can bypass the CGNAT by using a cloudflare tunnel.
I have created a tunnel and downloaded and run the connector on my local windows PC which is behind the cgnat.
Not sure what I need to do next to use wireguard. Any help would be highly appreciated (step by setp please).

You can use Cloudflare Tunnels + the WARP client (which uses WireGuard) as a VPN directly. Running WireGuard on top would just slow down the connection.

1 Like

Thanks. I did read that and tried it.
It says it’s connected but I am unable to access the local LAN where warp is running.
Here’s what I’ve done:
Installed cloudflared on a windows PC on the local LAN that I want to access.
Installed WARP on my laptop from where I will access the LAN.
Logged in from WARP to my zero trust team.

Did you create a virtual network and set

    enabled: true

in your tunnel configuration?

I’m not sure where to run that command.

Please follow this guide closely:

1 Like

Followed the guide, but I still can’t get it to work.
If I create a public hostname and redirect it to an ip on my lan, I’m able to access that, but am not able to expose my entire network.
My ip’s are in the range.
What should my private network be set at and the split includes/excludes?

Played around with settings and I am now able to open devices on the network on my browser.

However, for Remote Desktop and to access computers on the network, I have to use their IP addresses rather than their Hostnames. Is there a way to access them using hostnames? Thanks.

Not easily, no. Local hostname → IP address resolution is most likely handled by your router (it acts as a DNS and DHCP server). When you are connected to WARP, DNS queries are handled by Cloudflare’s recursive DNS resolver rather than your router.

Thanks. I’ll work around that.
I do have another strange issue. I am unable to access the network while connected through wifi. But when I switch to 4G/5G, I can access it. This is on my phone as well as laptop - what could be the reason for this?

Spin up a free vps on oracle, aws, or google cloud and run the server there. Free tier might be plenty.

Or use something like ngrok to handle the nat punching

@msb101 Assuming the wifi with which you are having trouble is your home network. Then you’ll need to enable hairpin nat or loopback nat or whatever your router’s software calls it.