Problem with "using private network using cloudflare tunnel"

Hello,

I’m interested in using cloudflared tunnel to create private network using official tutorials from here. My conditions right now is :

  1. I want to access my local private network that is behind ISP NAT (and no public ip address given) from remote location like when I’m away.
  2. I have domain name (but no server ip address pointed to) managed by cloudflare, as requirement to get cloudflared login running.
  3. I have followed the instruction in tutorial link above successfully (minus installing certificate because the local domain is not using https, I just want to make sure it is running first), and set up my device with cloudflare for teams successfully
  4. cloudflare tunnel route ip show config :
192.168.1.0/24         <id>  <my tunnel name>     2021-08-08T05:31:53Z -  
  1. i also have managed to run the tunnel as a service and

sytemctl status .service shows it’s active

but when I tried to access for example :

http://192.168.1.10/admin
from my device google chrome browser with cloudflare for teams on, it doesn’t connect to my local server (page loading very long and just shows blank screen).

Hello @ark.phone ,

Can you post the output of accessing https://www.cloudflare.com/cdn-cgi/trace from your WARP device?

Also, can you make sure that 192.168.1.0/24 (or any superset of that) is not excluded by WARP via its Split Tunnel config (in dash.teams.cloudflare.com → Settings → Network → Split Tunnel)?

sorry for late answer, here’s the output trace from my warp device

fl=218f2
h=www.cloudflare.com
ip=<my ip address from whatismyip.com>
ts=1629902764.069
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
colo=CGK
http=http/2
loc=ID
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off

as for the split tunnel, I already remove 192.0.0.0/8 or similar like below :

That gateway=off is the problem.

You need to go to dash.teams.cloudflare.com → Settings → Network → Proxy (toggle on)
This is the step of https://developers.cloudflare.com/cloudflare-one/tutorials/warp-to-tunnel#enable-the-cloudflare-proxy that you may have missed

Thank you, I must’ve missed the proxy toggle setting because I thought it was part of " Configure the Cloudflare certificate" to inspect traffic (which I also thought it was optional).

Oh just one more question, in the tutorial it’s stated for cloudflare for teams to work you have to have a domain managed by cloudflare. is it optional? since when I try

cloudflare login

it ask for website that cloudflare managed for my account.

Yes, that’s still accurate. It’s a requirement that stems from semi-unrelated legacy functionality, but it still holds.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.