Now if I connect to emby.example.com, I can see my website, locally hosted on port 8096, from an external computer.
What I can’t do is connect to Windows RDP: it is locally active on port 3389, with “Require Network Level Authentication” disabled. However, if I open an RDP client on an external computer and connect to rdp://rdp.example.com, the client simply doesn’t find anything. Why?
Thanks for your input! Does this apply to Windows File Sharing as well?
Do you think it’s possible in some way to make my local machine accessible to the web for RDP/file sharing, exactly as if it was a Windows VPS (so no need for clients to use Cloudflare)?
I’m kinda missing here what makes RDP an arbitrary TCP and an HTTP server not arbitrary.
Cloudflare is fundamentally an HTTP(S) proxy. Cloudflare Tunnels creates a persistent HTTP connection to Cloudflare’s edge to proxy traffic from Cloudflare’s edge to the origin.
On the client side, Cloudflare is looking for and expects HTTP-based connections (specifically the host header field for our purposes). A protocol like RDP has no concept of a host header or the HTTP protocol… so it has to be encapsulated in a wrapper (cloudflared) to send the header to the edge to be routed and to subsequently be decoded and routed by the tunnel instance to the origin.
The other option (using Cloudflare Warp client and network routing) uses Cloudflare’s routing edge to use identity and destination to determine routing rules.
Otherwise the record would need to be and exposed at the firewall. Ok… maybe on an Enterprise plan there might be one other possible option (Spectrum + Magic WAN) but that’d be something most enterprises wouldn’t implement for a variety of security reasons.
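
The host-header point in the answer above, as an added example that is not part of the original thread: it compares the first bytes an HTTP client and an RDP client send, showing that only the HTTP request names the hostname an edge proxy could route on. Both byte strings are constructed samples, and the cookie value `demo` is a made-up user token.

```python
import struct
from typing import Optional

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ", b"PATCH ")

def http_host(first_bytes: bytes) -> Optional[str]:
    """Return the Host header of an HTTP/1.x request, or None if there is none."""
    if not first_bytes.startswith(HTTP_METHODS):
        return None
    head = first_bytes.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"host":
            return value.strip().decode("ascii", "replace")
    return None

def is_rdp_connection_request(first_bytes: bytes) -> bool:
    """True for a TPKT-framed X.224 Connection Request, RDP's first packet."""
    if len(first_bytes) < 7:
        return False
    version, reserved, length = struct.unpack(">BBH", first_bytes[:4])
    # TPKT version 3, reserved 0, then X.224 length byte and CR code 0xE0
    return (version == 3 and reserved == 0
            and 7 <= length <= len(first_bytes) and first_bytes[5] == 0xE0)

def describe(first_bytes: bytes) -> str:
    host = http_host(first_bytes)
    if host:
        return f"HTTP, routable by Host: {host}"
    if is_rdp_connection_request(first_bytes):
        return "RDP, no hostname on the wire"
    return "unknown protocol"

# Constructed sample: what a browser sends for emby.example.com
HTTP_SAMPLE = b"GET / HTTP/1.1\r\nHost: emby.example.com\r\nAccept: */*\r\n\r\n"

def build_rdp_sample() -> bytes:
    """Constructed sample: X.224 Connection Request with cookie and RDP_NEG_REQ."""
    x224 = (b"\xe0\x00\x00\x00\x00\x00"              # CR, DST-REF, SRC-REF, class
            + b"Cookie: mstshash=demo\r\n"           # user token, not a hostname
            + b"\x01\x00\x08\x00\x00\x00\x00\x00")   # RDP_NEG_REQ, standard security
    tpdu = bytes([len(x224)]) + x224                 # length indicator + TPDU
    return struct.pack(">BBH", 3, 0, 4 + len(tpdu)) + tpdu

RDP_SAMPLE = build_rdp_sample()

if __name__ == "__main__":
    for sample in (HTTP_SAMPLE, RDP_SAMPLE):
        print(describe(sample))
```
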