Zero Trust (WARP) as, literally, a private network
Hey, I was wondering whether I could theoretically connect my VPSes into a private network with what cf offers.
And while I know that it’s possible (and have done it), the ways I implemented it seem questionable at the very least to me.
- I connected the servers with WireGuard and then on one server ran cloudflared and shared the network I set up in WireGuard: 10.0.0.0/8. This is not optimal because if I want to connect to a server that’s not running cloudflared, there are effectively 2 hops without any adequate reasoning to do so.
- I started up cloudflared on my servers and added routes with the IPs I want my servers to have within the private network (10.0.0.1/32, 10.0.0.2/32…). Then on the servers I added the private network address (10.0.0.x) as a loopback. This also doesn’t sound ideal to me because that way I made a human take DHCP’s role lol
Is there a way to set up cf ZT as a literally private network?