cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0

Adding private hostname in Cloudflared Tunnel --> Private Network #644

Open JubbaSmail opened 2 years ago

JubbaSmail commented 2 years ago

Describe the feature you'd like

Currently, Cloudflare Tunnel supports adding a public hostname and private CIDR. However, we can't add a private hostname. Engineers are using WARP to connect to internal company resources (ex: private K8S cluster in AWS); at the same time, we don't want to open the entire VPC range, but routing the private IP instead of the private hostname of that K8S cluster has proven to be unstable since the private IP will keep rotating.

Describe alternatives you've considered

When a private IP rotates, I need to update it manually in the Tunnel. Also, creating a public hostname (protect it with CF Access) and upstreaming it to a private hostname didn't help because of the pinned certificate mismatch.

JubbaSmail commented 2 years ago

I developed a script to automatically update the Private Network IPs if the monitored private hostname gets new IPs: https://github.com/JubbaSmail/cloudflare_tunnel_ip_updater

abelinkinbio commented 2 years ago

@JubbaSmail thanks for raising this one. This is a solid feature request and makes complete sense. We're in the early phases of thinking through potential approaches, but will keep this thread up to date as we begin to spec things out. If anyone is interested in providing additional feedback, feel free to reach out to me on Twitter and I'd love to learn more about your specific use cases.

vincentbernaud commented 1 year ago

Hi! We would also be very interested in the ability to route domains privately through a tunnel. Our main use case would be for compliance reasons. We would like to be able to route a public domain through a tunnel and control where the traffic goes out. For example: anyone trying to access domain.com would be routed to a tunnel in the UK and go out from there instead of the real user location. Currently this works by listing the target domain IPs in the tunnel private configuration, but it's not trivial as those IPs might change.

LANopop commented 1 year ago

@abelinkinbio any chance this will be implemented soon? This would be a big help in deploying Cloudflare Zero Trust in our environment without changing IP ranges of existing private networks.

apbassi89 commented 1 year ago

@abelinkinbio Wanted to second @LANopop's question about timing, as this feature would help us a lot with our Zero Trust implementation.

Kampe commented 1 year ago

Would also like to see this implemented so this can be set up at point of configuration.

darren-recentive commented 1 year ago

Hi @joliveirinha and @DevinCarr 👋, hope both of you are having/had a great weekend :) Also hope you don't mind me bringing y'all into this issue; looks like @abelinkinbio hasn't been active for a while.

This issue seems to be pretty popular, especially with high 👍s and recent comments; our company is also interested in hoping to adopt Tunnels as part of our Enterprise POC, and the ability to configure Private Networks would be awesome!

Could we maybe take another look at this feature request, please?

Thanks and Cheers, Darren