The existing Argo tunnelling feature is great for security! We use it quite a lot and it has worked flawlessly.
We’re now interested in doing a very similar thing, but for raw TCP/UDP sockets. Using any combination of Cloudflare products, is this possible?
An instance of a VPN server lives inside a Kubernetes cluster. The VPN server hosts OpenVPN on port 1337 (TCP/UDP… doesn’t matter). As part of the Deployment, there is a cloudflared service running as a side-car that creates a tunnel between Cloudflare and port 1337 on the VPN Pod.
cloudflared automatically creates a DNS entry like vpn.example.com.
Users point their VPN client to connect to vpn.example.com:1337 and are seamlessly connected to the VPN (through Cloudflare).
The above scenario is possible with HTTPS, but is it possible with other protocols on other ports? I’m thinking if Spectrum and Argo can talk to each other, this may be possible?
At the moment, no. A cloudflared TCP client doesn’t actually connect via TCP; it opens a port (e.g. listening on localhost) on the computer that runs cloudflared access and forwards packets to Cloudflare over a websocket connection. I’m also interested in basically an “Argo Tunnel but for Spectrum” product and I asked about that here.
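
The encapsulation described in the reply above, as an added example that is not part of the original thread and is not cloudflared's own code: a local listener accepts the application's TCP bytes, and what leaves the machine is those bytes wrapped in a masked RFC 6455 binary frame. The function names, the ephemeral port and the sample payload are constructed for illustration; the HTTP upgrade handshake and TLS are omitted.

```python
import os
import socket
import struct

def ws_binary_frame(payload: bytes, mask_key: bytes = None) -> bytes:
    """Wrap raw TCP bytes in one masked RFC 6455 binary frame (client to server)."""
    mask_key = mask_key or os.urandom(4)
    header = bytes([0x82])  # FIN=1, opcode=0x2 (binary)
    n = len(payload)
    if n < 126:
        header += bytes([0x80 | n])
    elif n < 65536:
        header += bytes([0x80 | 126]) + struct.pack("!H", n)
    else:
        header += bytes([0x80 | 127]) + struct.pack("!Q", n)
    masked = bytes(b ^ mask_key[i % 4] for i, b in enumerate(payload))
    return header + mask_key + masked

def ws_unframe(frame: bytes) -> bytes:
    """Recover the payload from one masked binary frame, as the far end would."""
    if frame[0] != 0x82 or not frame[1] & 0x80:
        raise ValueError("not a masked binary WebSocket frame")
    n, pos = frame[1] & 0x7F, 2
    if n == 126:
        (n,), pos = struct.unpack("!H", frame[2:4]), 4
    elif n == 127:
        (n,), pos = struct.unpack("!Q", frame[2:10]), 10
    key, data = frame[pos:pos + 4], frame[pos + 4:pos + 4 + n]
    return bytes(b ^ key[i % 4] for i, b in enumerate(data))

def relay_once(app_bytes: bytes) -> tuple:
    """Simulate: VPN client -> localhost listener -> framed bytes toward the edge."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))  # constructed: ephemeral port, not 1337
    listener.listen(1)
    client = socket.create_connection(listener.getsockname())
    conn, _ = listener.accept()
    client.sendall(app_bytes)  # what the VPN client writes locally
    wire = ws_binary_frame(conn.recv(65535))  # what would leave the machine
    for s in (client, conn, listener):
        s.close()
    return wire, ws_unframe(wire)

if __name__ == "__main__":
    wire, inner = relay_once(b"constructed-openvpn-handshake")
    print(wire.hex(), inner)
```

The framed bytes are not what an unmodified OpenVPN client would send to vpn.example.com:1337, which is why the client machine has to run cloudflared access as the local endpoint.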