Overview
This article provides a step-by-step guide for accessing private VPC resources on a Crusoe Linux VM using the Cloudflare WARP client and the Cloudflare CLI. By routing traffic through the WARP client, users can securely connect to specific VPC CIDR ranges, enhancing the security and performance of their network infrastructure. This solution is particularly useful for organizations looking to simplify access to private resources while leveraging Cloudflare's robust security features.
Prerequisites
- A free Cloudflare account has been created.
- WARP client is installed.
Steps
Step 1: Create a Crusoe VM
- Log in to your Crusoe account.
- Navigate to the VM creation section.
- Select a dedicated CPU-based type instance type for optimal performance.
- Configure any additional settings (such as storage size, network options, etc.) as per your requirements.
- Launch the VM and note the public IP address for SSH access.
Step 2: SSH into the VM
-
Open a terminal (or Command Prompt/PowerShell on Windows).
-
Connect to your VM using SSH:
ssh ubuntu@<VM_PUBLIC_IP>
Note: Replace
<VM_PUBLIC_IP>
with the actual public IP address of your VM.
Step 3: Add Cloudflare Package Repository
For Ubuntu 22.04, execute the following commands:
-
Create a keyrings directory:
sudo mkdir -p --mode=0755 /usr/share/keyrings
-
Add the Cloudflare GPG key:
curl -fsSL https://pkg.cloudflare.com/cloudflare-main.gpg | sudo tee /usr/share/keyrings/cloudflare-main.gpg >/dev/null
-
Add the Cloudflare package repository:
echo 'deb [signed-by=/usr/share/keyrings/cloudflare-main.gpg] https://pkg.cloudflare.com/cloudflared jammy main' | sudo tee /etc/apt/sources.list.d/cloudflared.list
-
Update the package list and install
cloudflared
:sudo apt-get update && sudo apt-get install cloudflared
Step 4: Log in to the Cloudflare Tunnel
-
Authenticate your Cloudflare account:
cloudflared tunnel login
Follow the prompts to authorize your account.
Step 5: Create a Cloudflare Configuration File
-
Generate a configuration file by running:
vi /etc/cloudflared/config.yml
-
Add the following configuration, replacing
<Tunnel-UUID>
with your tunnel’s UUID:tunnel: <Tunnel-UUID>
credentials-file: /root/.cloudflared/<Tunnel-UUID>.json
warp-routing:
enabled: true -
Save and exit the editor.
Step 6: Add Traffic Routes
-
Configure traffic routing by executing:
cloudflared tunnel route ip add <IP/CIDR> <UUID or NAME>
Replace
<IP/CIDR>
with the IP address or CIDR block you want to route and<UUID or NAME>
with your tunnel’s identifier.
Step 7: Run the Cloudflare Tunnel
-
Start the tunnel with the command:
cloudflared tunnel run <UUID or NAME>
Ensure that the tunnel runs without errors. Monitor the logs for any connection issues.
Comments
0 comments
Please sign in to leave a comment.