Warp affecting programs connections

Hello everyone! I hope you all are good.

So, I configured a tunnel on my server and installed warp for a few devices. I setup the rule to route to my internal network for RDP purposes. It does work like a charm, but I have noticed that, when Warp is enabled, Splashtop Streamer and One Drive stopped working. I wonder if I have to do any kind of rule to permit these apps to keep working, or open any ports inside my Cloudflare’s dashboard. If anyone is having similar issues, please let me know.

Thanks

Which WARP version are you using?

image

Try 2022.2 and see if it’s still an issue.

Nah! I didn’t work. Still
image
and for Splashtop Streamer it says: Please make sure network is available and Splashtop streamer ir running

I tried adding a rule on Gateway Policies → Network, and it didn’t work as well.

Do you have HTTP filtering enabled?

If so, make sure you have a Cert Pinning rule on the HTTP tab.

If not, you need to create it:

  • open the HTTP tab, create a new rule “Cert Pinning”
  • in Build an Expression, select Application + in + Do Not Inspect
  • in Select an Action, select Do Not Inspect
  • hit save. It might take a few minutes to propogate

Thank you for your suggestion! I did that but didn’t work. :slightly_frowning_face:


I waited for 30 min and still nothing

OneDrive is working for me. I have problems with Twitter, no network, and images in Whatsapp.

Problems with 1^4 set to Gateway with WARP - DNS & Network / 1.1.1.1 - Cloudflare Community

Are you in the same configuration? do you have your own tunnel and connecting WARP using your company’s tunnel (Team name)? Or you are using regular WARP?

I have a tunnel for a server, but it is not being used. I installed the 1.1.1.1 app on a ios device and activated WARP. Details in the thread linked above.

Some of the WARP IPs are sometimes blocked or rate limited, probably due to some kind of abuse.

I would suggest you to try disconnecting, waiting a few minutes and then connecting again, to see if you get another WARP IP and the problem still happens. I have no issues with Twitter and Whatsapp, but sometimes I get some CAPTCHAs to solve on Google search and a news website I usually visit that’s hosted by Akamai was blocked a few times.

I did that a couple of times yesterday and the day before. No luck. Any chance the whole POP, GRU, range is blocked? :slight_smile:

I did try that a few times. If that was the case, I couldn’t implement this to a customer of mine. I’m running some tests, but I’ve been seeing a lot of people complaining, even asking if the WARP project is dead. For sure there are people testing WARP for a while now. I wonder if Cloudflare’s support give a look at this forum at all.

You can always configure your Zero Trust network settings to route only specific networks through WARP. You don’t need to send all the traffic through.

Would be able to tell me how to do that?
are you talking about this?


or actually rules? if so, can you give an example?

Thanks

Please check this post:

It didn’t work for me :(. I have been struggling with this. Either the instructions are not clear enough or I’m not able to fully understand. I would like remote computers to enable warp and access the internal network, like a VPN would do it. Would that work?

If you want to connect your WARP clients to your internal network using a tunnel you need to add the network prefix to cloudflared like this:

cloudflared tunnel route ip add 192.168.0.0/24 theTunnelName

You also need to go to Zero Trust Dashboard->Settings->Network->Firewall and enable Proxy

Note: When you enable Proxy it takes a moment to start sending traffic through your tunnel.

Then you have to choose between two network settings for Split Tunnel (this Tunnel means WARP in general, not a cloudflared tunnel):

  • Include IPs and domains
  • Exclude IPs and domains

If you chose Include IPs and domains no traffic is sent through WARP unless it’s going to any of the networks on the list. You use this when you want to use WARP to access specific networks and use your regular internet gateway for the rest.

If you chose Exclude IPs and domains everythong goes through WARP except what’s added here. The list already includes all common internal networks.

If you add a network to be routed through a cloudflared tunnel and it’s a private network (RFC 1918) (example 192.168.0.0/24 which is 192.168.0.0 to 192.168.0.255) then:

When using Include IPs and domains: Make sure 192.168.0.0/24 IS on the list.
When using Exclude IPs and domains: Make sure 192.168.0.0/24 IS NOT the list.

PING and traceroute won’t work because ICMP is not sent through WARP.

Thank you so much for your efforts and time to respond. I have all that configuration set. After rebooting the Server, it worked. Remote computers are able now to access the RDP using internal IP. Also, I was testing with an internal machine and with WARP enabled, I’m not able to RDP the Server, not quite sure why. Maybe a rule is needed in this case?