Help with WireGuard and Cloudflare Tunnel

Hi,
My ISP uses CGNAT and hence I am unable to use WireGuard.
I read that I can bypass the CGNAT by using a Cloudflare tunnel.
I have created a tunnel and downloaded and run the connector on my local Windows PC which is behind the CGNAT.
Not sure what I need to do next to use WireGuard. Any help would be highly appreciated (step by step please).
Thanks.

You can use Cloudflare Tunnels + the WARP client (which uses WireGuard) as a VPN directly. Running WireGuard on top would just slow down the connection.

Thanks. I did read that and tried it.
It says it’s connected but I am unable to access the local LAN where WARP is running.
Here’s what I’ve done:
Installed cloudflared on a Windows PC on the local LAN that I want to access.
Installed WARP on my laptop from where I will access the LAN.
Logged in from WARP to my Zero Trust team.

Did you create a virtual network and set

warp-routing:
    enabled: true

in your tunnel configuration?

I’m not sure where to run that command.

Please follow this guide closely:

Followed the guide, but I still can’t get it to work.
If I create a public hostname and redirect it to an IP on my LAN, I’m able to access that, but am not able to expose my entire network.
My IPs are in the 192.168.0.0 range.
What should my private network be set at and the split includes/excludes?
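
The split include/exclude question above comes down to whether the LAN's CIDR actually enters the WARP tunnel. The following Python check is an added example, not part of the thread or Cloudflare's own code; the exclude list is a constructed sample, the `/24` prefix is an assumption (the post only says "192.168.0.0 range"), and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of an Exclude-mode split tunnel list (not copied from
# any real account): the RFC 1918 private ranges plus the CGNAT range.
SAMPLE_EXCLUDES = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10"]

# Assumption: the thread gives no prefix length for the LAN; /24 is a guess.
LAN = "192.168.0.0/24"


def _nets(entries):
    return [ipaddress.ip_network(e) for e in entries]


def sent_through_warp(lan, mode, entries):
    """True if every address in `lan` is routed into the WARP tunnel."""
    lan = ipaddress.ip_network(lan)
    if mode == "exclude":
        # Exclude mode: any range on the list bypasses WARP.
        return not any(lan.overlaps(n) for n in _nets(entries))
    if mode == "include":
        # Include mode: only ranges on the list enter WARP.
        merged = ipaddress.collapse_addresses(_nets(entries))
        return any(lan.subnet_of(n) for n in merged)
    raise ValueError("mode must be 'exclude' or 'include'")


def carve_out(lan, excludes):
    """Return the exclude list with `lan` removed and everything else kept."""
    lan = ipaddress.ip_network(lan)
    kept = []
    for net in _nets(excludes):
        if not net.overlaps(lan):
            kept.append(net)                        # unrelated range, keep
        elif lan.subnet_of(net):
            kept.extend(net.address_exclude(lan))   # split the supernet around the LAN
        # otherwise the entry lies inside the LAN and is dropped
    return sorted(kept)


if __name__ == "__main__":
    print("LAN reachable with sample list:", sent_through_warp(LAN, "exclude", SAMPLE_EXCLUDES))
    fixed = carve_out(LAN, SAMPLE_EXCLUDES)
    print("LAN reachable after carve-out: ", sent_through_warp(LAN, "exclude", fixed))
    for net in fixed:
        print("  exclude", net)
```

The same CIDR also has to be added to the tunnel as a private network route, otherwise traffic enters WARP but has nowhere to go.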

Played around with settings and I am now able to open devices on the network on my browser.

However, for Remote Desktop and to access computers on the network, I have to use their IP addresses rather than their hostnames. Is there a way to access them using hostnames? Thanks.

Not easily, no. Local hostname → IP address resolution is most likely handled by your router (it acts as a DNS and DHCP server). When you are connected to WARP, DNS queries are handled by Cloudflare’s recursive DNS resolver rather than your router.

Thanks. I’ll work around that.
I do have another strange issue. I am unable to access the network while connected through wifi. But when I switch to 4G/5G, I can access it. This is on my phone as well as laptop - what could be the reason for this?

Spin up a free VPS on Oracle, AWS, or Google Cloud and run the server there. Free tier might be plenty.

Or use something like ngrok to handle the NAT punching.

@msb101 Assuming the wifi with which you are having trouble is your home network, you’ll need to enable hairpin NAT or loopback NAT or whatever your router’s software calls it.