External access via CGNAT network.

www.cloudflare.com

Cloudflare Tunnel · Cloudflare Zero Trust docs

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. With Tunnel, you do not send traffic to an external IP — instead, a lightweight daemon in your infrastructure (cloudflared) creates outbound-only connections to...
www.cloudflare.com www.cloudflare.com
 
Caged said:
www.cloudflare.com

Cloudflare Tunnel · Cloudflare Zero Trust docs

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. With Tunnel, you do not send traffic to an external IP — instead, a lightweight daemon in your infrastructure (cloudflared) creates outbound-only connections to...
www.cloudflare.com www.cloudflare.com
Click to expand...
Oh wow that might work. I guess Cloudfare would would give me a static IP I can use on my DNS for the hosting sofe of things and presume there is some config on the software from Cloudflare for it to connect to my server
 
Erm yeah that’s hard to pick one said:
Oh wow that might work. I guess Cloudfare would would give me a static IP I can use on my DNS for the hosting sofe of things and presume there is some config on the software from Cloudflare for it to connect to my server
Click to expand...

Not quite. It's all FQDN based and configured in the Cloudflare portal.

The IP addresses behind the FQDN's are reasonably dynamic (dual homed too, so there will be IPv4 & IPv6 addresses) so forget about accessing stuff by IP. You'll also have to have a domain that lives on Cloudflare's DNS servers, you can't have your DNS elsewhere and use that domain for Cloudflare tunnels. Initially I bought a new domain through Cloudflare just for the tunnel access but have since moved all my domains over to Cloudflare.

Software wise you need to install cloudflared somewhere at your end of the tunnel. I've got it on the same Raspberry Pi that I'm running PiVPN (note to self - investigate alternatives) and it's working fine.
 
the-evaluator said:
Not quite. It's all FQDN based and configured in the Cloudflare portal.

The IP addresses behind the FQDN's are reasonably dynamic (dual homed too, so there will be IPv4 & IPv6 addresses) so forget about accessing stuff by IP. You'll also have to have a domain that lives on Cloudflare's DNS servers, you can't have your DNS elsewhere and use that domain for Cloudflare tunnels. Initially I bought a new domain through Cloudflare just for the tunnel access but have since moved all my domains over to Cloudflare.

Software wise you need to install cloudflared somewhere at your end of the tunnel. I've got it on the same Raspberry Pi that I'm running PiVPN (note to self - investigate alternatives) and it's working fine.
Click to expand...
I see they offer a docker option so that works. Shame about the domain. That might be a problem. I do have ZeroTier. I wonder if I can do anything with that.

Thank you for a good quality reply covering some details.
 
Last edited:
Erm yeah that’s hard to pick one said:
I see they offer a docker option so that works. Shame about the domain. That might be a problem. I do have ZeroTier. I wonder if I can do anything with that.

Thank you for a good quality reply covering some details.
Click to expand...

Yeah, there's several ways you can run cloudflared.

Needing a domain on their DNS servers wasn't a problem for me, they sell domains at cost (I think) so I just had to remember to use mydomain.cloud instead of mydomain.com for accessing stuff at the home end of the tunnel.
 
Erm yeah that’s hard to pick one said:
By chance cloud flare doesn’t give you an IP you can use do they. Now if they do that would world a so can update my host on the dns to use that like in was at home
Click to expand...

Not as far as I know. There is of course an IP address behind the FQDN (2 x IPv4 & 2 x IPv6) but I haven't tried doing anything with them directly. If I get a chance later this afternoon I'll see what I can do with them.

I'm fairly sure they're quite dynamic though and I see a 300s TTL.
 
You don't have to change your domain or transfer it anywhere, the only requirement is that you use Cloudflare as your name server.
 
On Holiday said:
Why not just use regular web-hosting or a VPS for this?
Click to expand...
Because there is a large amount of hardware attached to the server that’s makes the server what it is and also the location of it.
the-evaluator said:
Not as far as I know. There is of course an IP address behind the FQDN (2 x IPv4 & 2 x IPv6) but I haven't tried doing anything with them directly. If I get a chance later this afternoon I'll see what I can do with them.

I'm fairly sure they're quite dynamic though and I see a 300s TTL.
Click to expand...

Fact looking at my DNS settings for my domain I could use the cloudflare site as well.
Caged said:
You don't have to change your domain or transfer it anywhere, the only requirement is that you use Cloudflare as your name server.
Click to expand...
Oh right got that option as well on my domain.
 
As @Caged says, you just need to make Cloudflare your DNS provider for your domain rather than transfer the domain to them (ie - CF acting as registra). It's a near enough painless experience with setup as their wizard handles it all, especially importing existing DNS records.

Alternatively, create a VPN server somewhere and tunnel to it; i'm sure you could even use one of the free-tiers from AWS/Azure/Google/Oracle etc.
 
I just sat down to give this a go and stuck right away as after making the account and logging in the section you need is pretty hidden. I think i was doing it right but right away limited on network names and then it wanted payment even for a free option which is a joke. Not something I was willing to do. Nor could I find anything on youtube for it.

I did try my Zero Tier option via DNS and that works but need to have ZT on the accessing device so that defeated the object
 
Erm yeah that’s hard to pick one said:
I just sat down to give this a go and stuck right away as after making the account and logging in the section you need is pretty hidden. I think i was doing it right but right away limited on network names and then it wanted payment even for a free option which is a joke. Not something I was willing to do. Nor could I find anything on youtube for it.

I did try my Zero Tier option via DNS and that works but need to have ZT on the accessing device so that defeated the object
Click to expand...
There are loads of step-by-step guides on YouTube for Cloudflare tunnels?

Cloudflare doesn't require any payment for free services, you've gone wrong somewhere. Your thread is rather cryptic, so it's hard to offer any specific advice. Best I can gather, it's a well known (by brand/name) site that is only accessible to people to whom you give the URL (lol), and can't be hosted in a datacentre because the hardware attached to the server (?) makes it what it is... but it's hostable behind a measly 5G connection. You see why it's hard to offer meaningful suggestions. :D

What exactly is the server and mystery required attached hardware? What software stack is running it? How many thousands of visitors a day/week/month are you handling? It doesn't compute (pun intended) that your service is well known and impossible to rebrand the domain for (and thus, presumably, successful and popular and you're unable to send an email to your half dozen users with the updated URL), yet it can only be hosted at home (?) on a 5G connection and isn't worth paying to co-locate into a rack in a DC somewhere. If you can provide some more insight into exactly what you're hosting and the setup, people can offer you more appropriate advice.
 
You must log in or register to reply here.
Back
Top Bottom