I’m struggling to understand how to have Cloudflare DNS enabled and still allow UDP 3478 through to my endpoint as it appears that Cloudflare is blocking it.
Is it classed as a non-standard port/service and therefore will not work on Cloudflare or is there a workaround?
Broken: Multiple Client sites → Cloudflare DNS (on / orange cloud) → (firewall ports open) Unifi Controller
Good quality DNS is the whole reason I’m using Cloudflare as a solution, so while your suggestion of IP direct access would work it’s not a sustainable solution.
What would be cool is if we can find a workaround for setting the STUN target and the management target separately so that I can do just as you suggested and set the controller to - I have seen mention of this in the documentation but I can’t find a comprehensive answer at present.
Cloudflare has an additional product in their portfolio, Spectrum, which supports proxying of general TCP traffic but it comes at quite a hefty price tag.
Direct access would still use Cloudflare’s DNS platform, it simply wouldn’t proxy through Cloudflare. If the latter is also part of the reason you are using Cloudflare you clearly can’t disable it, but you’ll be subject to the aforementioned restrictions.