(First time poster)
We’re new to Cloudflare and are trying to replace our traditional VPN client with Warp client using the Warp client in ZeroTrust access mode.
We were able to successfully set up remote access from a laptop to connect back to our corp. office server on our internal/private network via Warp client / cloudflared on the server (Access > Applications > Private Network). Great - however, we noticed that when a Warp client returns to the office and connects to the local/internal network, it does not recognize the new context of being in the same network as the server and continues to access the server via the Cloudflared tunnel, instead of just directly accessing the server on the subnet they share.
In the Cloudflare Zero Trust management panel, we then configured the internal private network within Settings > Networks > Split Tunnels > Exclude IPs and domains, which makes it then behave correctly when inside the private network, but breaks the remote access to the server.
If we delete the Split Tunnel network exclusion, remote access works again, but local Warp clients flow through Cloudflare to access local server.
So - the big question: Is there a way for Warp clients to automatically/transparently bypass Cloudflare to access internal network resources when connected on the LAN, while continuing to be able to access internal networks / servers remotely via Cloudflare from the public internet?
The Warp client is working great for DNS/HTTP filtering policies, device posture, and this remote access / split-tunneling issue is really the last hurdle to overcome for us to fully adopt it.