CD
Cloudflare Developers10mo ago
dhakkad

How to open/forward TURN/STUN port using cloudflare tunnel?

I've this 
version: "3.7"
services:
  screego:
    image: ghcr.io/screego/server:1.10.0
    ports:
      - 5050:5050
      - 3478:3478
      - 50200-50400:50200-50400/udp
    environment:
      SCREEGO_EXTERNAL_IP: "dns:[email protected]:53"
      SCREEGO_TURN_PORT_RANGE: "50200:50400"
      SCREEGO_CORS_ALLOWED_ORIGINS: "https://share.ashishjullia.com"
      SCREEGO_AUTH_MODE: "none"
      SCREEGO_TRUST_PROXY_HEADERS: "false"
      SCREEGO_LOG_LEVEL: "debug"
  cf-tunnel:
    image: cloudflare/cloudflared
    restart: unless-stopped
    command: tunnel run
    environment:
      - TUNNEL_TOKEN=<>
version: "3.7"
services:
  screego:
    image: ghcr.io/screego/server:1.10.0
    ports:
      - 5050:5050
      - 3478:3478
      - 50200-50400:50200-50400/udp
    environment:
      SCREEGO_EXTERNAL_IP: "dns:[email protected]:53"
      SCREEGO_TURN_PORT_RANGE: "50200:50400"
      SCREEGO_CORS_ALLOWED_ORIGINS: "https://share.ashishjullia.com"
      SCREEGO_AUTH_MODE: "none"
      SCREEGO_TRUST_PROXY_HEADERS: "false"
      SCREEGO_LOG_LEVEL: "debug"
  cf-tunnel:
    image: cloudflare/cloudflared
    restart: unless-stopped
    command: tunnel run
    environment:
      - TUNNEL_TOKEN=<>
And I'm tryin to forward all these ports via th cf tunnel. I can forward port 5050 which is a HTTP port but not sure whether it is possible to forward the 3478 which is a STUN/TURN port and I want to open 50200-50400/udp as well. Is there a way with which I can just forward/expose/open the complete network of this compose file? I mean the network local to this cloudflared network or container. Is it even possible? I know a complete network can be opened using the private network of a tunnel but I want to map this application to a domain/sub-domain. Here is my conversation with the owner of the application: https://github.com/screego/server/issues/167 Any help and pointers are appreciated as I really want this project to get going but want to self host it at the same time.
6 Replies
Erisa
Erisa10mo ago
?tunnel-tcp
Flare
Flare10mo ago
Cloudflare Tunnels use Cloudflare's proxy, which only supports proxying HTTP Traffic. If you want to use non-http applications over your tunnel, Cloudflare has a few other options: For a few specific protocols such as SSH, RDP, and SMB, Cloudflare has guides for them here: https://developers.cloudflare.com/cloudflare-one/applications/non-http/ For Arbitrary TCP like Minecraft, MySQL, and any other tcp application, Cloudflare has a guide here: https://developers.cloudflare.com/cloudflare-one/applications/non-http/arbitrary-tcp/ For Arbitrary UDP like Minecraft Bedrock, SMTP, and any other udp application, you will need to use Private Networking with WARP: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/ Please note for all of these except SSH and VNC which can be browser-rendered, you will either need to use cloudflared (Cloudflare's tunnel daemon) on the client machine running in the background or Private Networking with WARP, and have WARP installed on the client machine logged into your Zero Trust Team.
Erisa
Erisa10mo ago
tldr no its not possible
dhakkad
dhakkadOP10mo ago
@Erisa | Support Engineer possible via warp in gateway mode or not?
Erisa
Erisa10mo ago
Yes if everyone who connects to the site uses WARP and you expose it over a defined private IP range The setup isnt simple but is covered under https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/private-net/connect-private-networks/
dhakkad
dhakkadOP10mo ago
Yup, got it, thanks for the help.
Want results from more Discord servers?
Add your server