Security Gateway

WARP(+)

WARP is Cloudflare’s WireGuard-style (information as of Jan 12, 2024) VPN solution for the Security Gateway (SGW), which is part of their Zero Trust portfolio.

https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/route-traffic/warp-architecture/

Clients in the Cloudflare network tenant can access services that are routed via cloudflared. The services do not need to be on perimeter-facing / WAN reverse proxies or load balancers.

cloudflared

Cloudflared is a network forwarder which allows you to attach internal systems to the Cloudflare Zero Trust network.

The following applies to Ubuntu 22.04 LTS x86-64 (ESXi virtual machine guest).

Update the Docker container

marius@shell:~$ docker pull cloudflare/cloudflared:latest
latest: Pulling from cloudflare/cloudflared

Run the Docker container

marius@shell:~$ docker run cloudflare/cloudflared:latest tunnel --no-autoupdate run --token $TOKEN

As of today (Jan 12, 2024), this uses the QUIC protocol to encapsulate the traffic.

2024-01-12T11:10:24Z INF Registered tunnel connection connIndex=2 connection=767259ac-6957-4c02-a3e2-185587ee0845 event=0 ip=<> location=hel01 protocol=quic
2024-01-12T11:10:25Z INF Registered tunnel connection connIndex=3 connection=42e5a5d2-61ea-4de8-b88c-7921bea68941 event=0 ip=<> location=ams08 protocol=quic
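
Check the registered tunnel protocol (added example, not part of the original page or of cloudflared itself)

The following script reads cloudflared log output and reports, per "Registered tunnel connection" line, whether the connection uses the expected protocol. The function names check_tunnel_protocol and sample_log are made up for this example; the first two sample lines are the ones shown above, the third (protocol=http2) is constructed to show a mismatch.

```shell
#!/usr/bin/env bash
# Added example: verify which protocol cloudflared registered its tunnel
# connections with, based on the "Registered tunnel connection" log lines.

# Reads cloudflared log output on stdin; $1 = expected protocol (default quic).
# Prints one summary line per registered connection.
# Exit status: 0 = all connections match, 1 = mismatch, 2 = none registered.
check_tunnel_protocol() {
    awk -v want="${1:-quic}" '
    /Registered tunnel connection/ {
        idx = "?"; loc = "?"; proto = "?"
        for (i = 1; i <= NF; i++) {          # walk the key=value fields
            n = index($i, "=")
            if (n == 0) continue
            key = substr($i, 1, n - 1); val = substr($i, n + 1)
            if (key == "connIndex") idx = val
            else if (key == "location") loc = val
            else if (key == "protocol") proto = val
        }
        seen++
        if (proto != want) bad++
        printf "connIndex=%s location=%s protocol=%s %s\n", idx, loc, proto,
               (proto == want ? "ok" : "UNEXPECTED")
    }
    END {
        if (seen == 0) { print "no registered tunnel connections found"; exit 2 }
        exit (bad > 0 ? 1 : 0)
    }'
}

# Sample input: lines 1-2 are from this page, line 3 is constructed.
sample_log() {
    cat <<'EOF'
2024-01-12T11:10:24Z INF Registered tunnel connection connIndex=2 connection=767259ac-6957-4c02-a3e2-185587ee0845 event=0 ip=<> location=hel01 protocol=quic
2024-01-12T11:10:25Z INF Registered tunnel connection connIndex=3 connection=42e5a5d2-61ea-4de8-b88c-7921bea68941 event=0 ip=<> location=ams08 protocol=quic
2024-01-12T11:10:26Z INF Registered tunnel connection connIndex=0 connection=00000000-0000-0000-0000-000000000000 event=0 ip=<> location=ams08 protocol=http2
EOF
}

# Demo run on the sample input.
sample_log | check_tunnel_protocol quic \
    || echo "exit status $?: not every connection uses quic"
```

Against a running container, pipe its log into the function, e.g. docker logs CONTAINER 2>&1 | check_tunnel_protocol quic, where CONTAINER is a placeholder for your container name or ID.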