Example

Below we provide a detailed example of setting up a Connector connection for securely exposing your application's resources.

Scenario

Let's suppose the following scenario.

You want to share access to three different servers within your network:

The use cases you want to allow are:

For this you will:

Fill out the connection form so we can set up a connection for you.
Install cloudflared in any of the servers you want to share. For this example, let's assume you install it on the git repository server.
Receive a SECRET TOKEN from Fluid Attacks that you will use for setting up the connection.

Now you should focus on creating firewall rules that allow the use cases presented previously:

For the git repository server, set the following egress firewall rules:

For secure connection
- Allow TCP/UDP via port 7844 to region1.v2.argotunnel.com
- Allow TCP/UDP via port 7844 to region2.v2.argotunnel.com
- Allow TCP via port 443 to api.cloudflare.com
- Allow TCP via port 443 to update.argotunnel.com
For internal communication
- Allow TCP connections via port 443 (HTTPS) to application environment server
- Allow TCP/UDP connections via port 53 (DNS) to DNS server

For the application environment server, set the following ingress firewall rules:

For the DNS server, set the following ingress firewall rules:

ingress: Allow TCP/UDP connections via port 53 (DNS) from git repository server

Now that cloudflared is installed and the required firewall rules are in place, you can proceed to enable the connection:

As a System Administrator, run the registration command for the connection using the SECRET TOKEN provided by Fluid Attacks.

Once the connection is on, you can proceed and test it according to the documentation.

Once you have:

All use cases for this example scenario should be covered.

If you require additional support, do not hesitate to contact us.