Integrate Cloudflare WARP and Access for Teams

Cloudflare WARP is super easy to install.

Having users get up and running to access for example RDP using Cloudflare Access - not so much. Get cloudflared running, then this, then that.

Would be great if cloudflare teams users could use WARP to access their non web app apps (ie, Remote Desktops / RDP etc). On server / app side, fine to use cloudflared to get tunnels going, but users should just be a simple app on windows.

And split tunneling then critical so just office traffic, items for servers and remote desktops go over the work network and netflix / youtube stuff goes its usual way.

They are actually working on it:

After following the steps, just turn on WARP and give it a try.

Currently this feature is still lacking some features e.g. audit logging and per-app authentication.

You may also refer to the below topic:

1 Like

Fantastic - I will experiment.

Some notes:

To allow easier migration to this new cloudflare model (this is what messed us up with IPv6 from IPv4) would be great if we could define in cloudflare for teams that JUST the cloudflare ranges defined route over WARP. Ie, an nothing but this routes (vs an everything but this).

This would allow for deployment IN OFFICE / inside the existing network perimeter more easily and allow workloads to co-exist.

Similarly, for work from home, we have just some workloads that need to go over WARP to office. Local printers, music, etc etc don’t, and we never know what remote users local network looks like. So again, the split tunnel option, but focused on routing JUST workloads for zones in IP ranges defined would allow for an easier ramp up (eventually I could see going fully onto the model).

THis might also work as a defined exception to an exclusion from routing if that’s a request. Ie, don’t route 0.0.0.0/0, DO route 192.168.47.0/24 is routed. This may solve some other split tunnel needs. But the first is my preference, just a simple route only workloads on zero trust model.

I think cloudflare could really clean up relative to alternatives here with this. If you can support MOST ip workloads using a simple to install client without messing up access to local printers / youtube etc (biggest source of user complaints comes from this, and the overhead of doing carveouts per user is too high) cloudflare is going to dominate as long as WARP network latency is not bad. And not everyone wants all their home traffic going over some work managed gateways.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.