Routing to multiple sites/subnets

I have three geographically dispersed subnets. 90% of the internet traffic goes to one of the subnets, and this works well.

Some internet traffic is also routed to the two other subnets, and using public DNS and tunnels, this is also working.

Where I am having an issue is with traffic between the three sites. For example, I have a master Portainer installation on my office subnet; using private networks, I would like to manage Docker hosts on the other two subnets. There is also other TCP traffic that needs to be routed through the private subnets.

Each subnet has a different IP range: 192.168.1.0/24, 192.168.88.0/24, and 192.168.32.0/24.

I currently have one cloudflared daemon running in each subnet, each creating a separate tunnel: Tunnel A, B, C. My workstation in B has WARP installed, and I can SSH and RDP to individual hosts via the three tunnels using Applications and Application Policies.

Where I am having a problem is with Linux hosts in the three sites finding each other. They cannot even ping each other at the moment.

My first question is: is it possible for hosts on one tunnel to talk to hosts on a different tunnel, provided they are in the same team? Or should I put all hosts in the same tunnel?

Secondly, my assumption is that each host that needs to talk to a host in a different site/subnet will need a copy of cloudflared running for it to know about the subnets?

If someone could help with this, either with advice, or better still a link to a similar example, I would be very grateful.

As far as I know the Cloudflare Tunnel private network setup does not support east-west traffic communication. The private network access is intended for WARP users only.

The product that allows east-west communication should be under Cloudflare Network Services, called Magic WAN, however it’s an Enterprise-grade feature that costs a lot of money.


Many thanks for the feedback. Will look into Magic WAN.
