Last step is to configure WARP's "split-tunnel" feature. Login with your Cloudflare Teams account and afterwards, the WARP client will show that you're part of a team: To do that, open WARP's preferences, go to "Account" and click "Login with Cloudflare for Teams". However, we want to use it to access our tunnel. The app acts as a free VPN service and protects your internet traffic on untrusted networks. Start by installing Cloudflare WARP on your devices. Next step: connect your phone and laptop to Cloudflare, so they can route traffic to your home network. Step 3: Configure your devices (Cloudflare WARP) I whitelisted everyone with an address (which is only me): Here you can create a rule that only allows people with a certain email address to access your Cloudflare Team and the tunnels assigned to it. Head over the Teams dashboard > Settings > Devices > Device enrollment and click on "Manage": Next, you need to make sure that not everyone can login to your Cloudflare Team. The daemon itself is very lightweight and only consumes 11MB of memory and barely any CPU:Ĭloudflare Daemon resource usage Step 2: Configure your Team You can even expose multiple networks or VLANs by using the same instructions. Your home network is now connected to Cloudflare. My home network is running in the range 192.168.2.0/24, so I have to do: cloudflared tunnel route ip add 192.168.2.0/24 tunnel-home Create a configuration file config.yaml inside ~/.cloudflared/ directory with the following contents: tunnel : tunnel -homeĬredentials-file : /root/.cloudflared/YOUR -TUNNEL -UUID -HERE.jsonĪll done, now you can start the tunnel: cloudflared tunnel run tunnel-homeįinally, tell the tunnel which traffic it should route. Now we have to tell cloudflared that this tunnel should be accessible via WARP. Cloudflare now knows about your tunnel, but no traffic can flow through it yet. This command will spit out a UUID of your tunnel. I choose tunnel-home: cloudflared tunnel create tunnel-home Next, create a tunnel and give it a name. With the daemon installed, login to your Cloudflare Team account: cloudflared tunnel login I chose Alpine Linux as the template, which required an additional dependency: apk add libc6-compat I installed it inside an LXC container on my Proxmox server. To install cloudflared, follow Cloudflare's documentation. Here, that's cloudflared and it will open a tunnel from within your network, so no ports have to be opened. To connect a private network to Cloudflare, a daemon must run on a computer inside that network. Step 1: Install "cloudflared" on your network A small server or computer that's always running on your home network.A Cloudflare and Cloudflare Teams account (both free).To follow along with this post, you'll need: Your regular internet traffic stays blazing fast. WARP will only send local traffic to your home. Hosting a VPN server at home means your connection becomes as slow as your home's upload speed, which is usually very slow. That means that your internet speed will depend on the connection speed of that server. Normally, when you connect to a VPN server, all your internet traffic flows through that server. However, it has a killer feature: split-tunnels. It's essentially a free VPN that protects your internet traffic by routing it through Cloudflare's network. Then use Cloudflare WARP to connect your devices to Cloudflare's network and let it route traffic to your home.Īccessing private networks with Cloudflare Tunnel and WARPĬloudflare WARP is an interesting service. The idea of Cloudflare Tunnels is simple: connect your home network to Cloudflare's network. ![]() Until now, I have been using Cloudflare's CDN to connect to my HA instance, but that required opening ports on my router and setting complicated firewall rules.īy using Cloudflare Tunnels together with Cloudflare WARP, I could close ports and access my entire home network in a much safer way. When Cloudflare announced that their Tunnel service would become free, I saw an opportunity to strengthen the security of my Home Assistant instance.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |