Zero Trust (WARP) as, literally, private network
Hey, I was wondering whether I could theoretically connect my VPSes into a private network with what cf offers.
And while I know that it’s possible (and have done it), the ways I implemented it seem questionable at very least to me.
1. I connected servers with wireguard and then on one server ran cloudflared and shared network I set up in wireguard; 10.0.0.0/8. This is not optimal because if I want to connect to server that’s not running cloudflared there are effectively 2 hops without any adequate reasoning to do so.
2. I started up cloudflared on my servers and added routes with ips I want my servers to have within private network (10.0.0.1/32, 10.0.0.2/32…). Then on servers I added the private network address (10.0.0.x) as a loopback. This also doesn’t sound ideal to me because that way I made human take DHCP’s role lol
Is there a way to set up cf ZT as a literally private network?
And while I know that it’s possible (and have done it), the ways I implemented it seem questionable at very least to me.
1. I connected servers with wireguard and then on one server ran cloudflared and shared network I set up in wireguard; 10.0.0.0/8. This is not optimal because if I want to connect to server that’s not running cloudflared there are effectively 2 hops without any adequate reasoning to do so.
2. I started up cloudflared on my servers and added routes with ips I want my servers to have within private network (10.0.0.1/32, 10.0.0.2/32…). Then on servers I added the private network address (10.0.0.x) as a loopback. This also doesn’t sound ideal to me because that way I made human take DHCP’s role lol
Is there a way to set up cf ZT as a literally private network?
Welcome to the official Cloudflare Developers server. Here you can ask for help and stay updated with the latest news
85,042Members
Resources
Similar Threads
Was this page helpful?
