Access cloudflared routable resource via Proxy Endpoint?
Hi -
I have a sftp server reachable via cloudflared. IE – cloudflared has a route for the network the sftp server resides on. The route for the network the sftp server resides on exists on a specific vnet and not the
default vnet. The sftp server is reachable when connected with the WARP client.
Is it possible to use a Proxy Endpoint to access the sftp server?
It appears a proxy endpoint can be used to access tcp port 22 on an ssh server.
% curl -px https://<SUBDOMAIN>.proxy.cloudflare-gateway.com telnet://sdf.org:22
SSH-2.0-OpenSSH_9.9
Thanks,
Joe1 Reply
I figured it out. I needed to add a route to the sftp server on the default vnet.
Is there a way to "link" a proxy endpoint to a specific vnet?
Well. Not sure what is going on...
% curl -px https://<SUBDOMAIN>.proxy.cloudflare-gateway.com telnet://sshmyip.com:22
SSH-2.0-paramiko_2.12.0
% ssh -o ProxyCommand='socat - PROXY:<SUBDOMAIN>.proxy.cloudflare-gateway.com:%h:%p,proxyport=443' sshmyip.com
2025/01/07 09:43:02 socat[29261] E read(7, 0x16d519f46, 1): Connection reset by peer
Connection closed by UNKNOWN port 65535
% ssh -o ProxyCommand='/usr/bin/nc -X connect -x <SUBDOMAIN>.proxy.cloudflare-gateway.com:443 %h %p' sshmyip.com
nc: proxy read: Connection reset by peer
Connection closed by UNKNOWN port 65535
Nevermind - https vs http. duh.
ssh -o ProxyCommand='bash -c "{ printf \"CONNECT %h:%p HTTP/1.0\r\n\r\n\"; cat; } | socat - SSL:<SUBDOMAIN>.proxy.cloudflare-gateway.com:443"' sshmyip.com