WARP + Zero Trust always in connecting state

oscar.dearriba · June 1, 2023, 10:23am

Hello,

My team has started using WARP + Zero Trust a few days ago and we are preparing the release for the whole organization.

However, we are facing a strange situation: when logged in to the Zero Trust team, the app randomly disconnects and only shows Connecting. At that point, local DNS resolution fails and only the public DNS configured in our PC works, avoiding DNS inspection and protection.

The traffic continues going through the WARP network, but all security measures are disabled as the DNS server is not working.

In macOS and Windows, the network connectivity continues working as the OS fallback to the system-defined DNS. In Linux, the DNS fallback is not executed and the computer loses connectivity (no DNS resolution at all).

We have reduced all our configuration to the bare minimum:

Only check domain name of the user to allow devices
Only one default device profile with default split tunnel configuration
No firewall blocking rules

As a bonus, if we manually restart the service of Cloudflare WARP, it successfully connects for the first time but a few minutes after that it enters again in this Connecting state.

This is a problem for us, as we have a highly distributed team and losing connectivity in this random way makes it a stopper for us to release it to the whole company.

Also, we have opened two support tickets, one of them 5 days ago and no response after support checked that we had no other VPN running (we have several domains in the Business plan).

It is hard to believe that there may be thousands of users with this kind of errors happening, so it have to be something related to our configuration.

Any ideas how to fix this?

marcus.ramberg · June 5, 2023, 10:20am

Can just chime in that we are experiencing the same problem, have a support ticket open towards cloudflare on this. Seems to happen whenever we reconnect after being connected once.

oscar.dearriba · June 5, 2023, 10:40am

We have open three different support tickets, one of them has been there waiting for one week already and no answer so far.

Through chat (we are paying the non free tier) no answers as for the operator it looked like “a complex issue” and needed to move it to anyone else.

At this point we are considering moving away from WARP+Zero Tunnel as VPN is a critical aspect of our business and we cannot afford having a week of interruption waiting for a support ticket

marcus.ramberg · June 5, 2023, 10:42am

Also, can confirm that it has to be some sort of account related problem, as I have a personal cloudflare account as well, and log out warp and log into that one, everything is fine. But have tried comparing all the settings and I can’t seem to see any meaningful difference between them. And our ticket has been open for 10 days without any response after being opened by support via the chat.

oscar.dearriba · June 5, 2023, 11:11am

For us it is the same: using a zero trust team from another account works perfectly.

marcus.ramberg · June 29, 2023, 12:19pm

Minor update: Cloudflare Support responded to our ticket about this today after a month and said they have a long running Warp connectivity incident open, and that they will update us when it has been resolved. Bit surprised that this is not mentioned on their status page.