MikroTips: Cloudflare Zero Trust Tunnel

Normunds from MikroTik explains how to set up the cloudflared tunnel in a MikroTik router using the container feature. Protect your server using the excellent Cloudflare Zero Trust family of services, using your MikroTik router.

Tip: make sure your VETH interface does not fall into the "WAN" interface list; if it does, the firewall might block it.
Comments

now THIS is pod-racing!!!
this channel keeps getting better and better! Don't slow down guys!!!
Can I ask again for a possible future video about bridge VLANs? something like "the definitive rOS v7 bridge vlan tutorial"?
something that stops all forum discussions about the proper way of doing it?

rubenduarte

As Cloudflare is one of the top CDNs and widely used, I can see the benefits of a 2-feature request, maybe as an extra package called Cloudflare, to have DDNS and tunnel, something like the ZeroTier package, which was a game changer. Normunds, counting on you.

parhampourkhosravy

Zerotier is a game changer. No more open ports on router and you can run services in a cgnat environment.

pasan.

Considering the security cautions MT provides in using containers, makes another strong case for Zero Trust Tunnel to be on the ROS or in a package and NOT on containers. Thus the functionality can be available to all MT devices. Users could access the Trust Tunnel without the added complexity as well. It's a logical approach and sane approach.
Quote: you need physical access to the router to enable support for the container feature, it is disabled by default;
once the container feature is enabled, containers can be remotely!
if the router is compromised, containers can be used to easily install malicious software in your router and over network;
your router is as secure as anything you run in container;
if you run container, there is no security guarantee of any kind;
running a 3rd party container image on your router could open a security hole/attack vector/attack surface;
an expert with knowledge how to build exploits will be able to jailbreak/elevate to root;

Anavllama

That's a great video. It's exactly what I searched for.

ravensfl

After installing the CloudFlared container, it's not running. It runs for 2-3 sec, then stops.
Any suggestions?
R.board= RB5009, ROS ver. 7.15

sabujplays

Superb. Was looking for months to deal with cg-nat situations. Until I hit on cf tunnels.
I hope it will remain a free service.
Many many thanks.

hansvanderlinden

Question: I have a very restrictive "drop all" rule in my IPv4 firewall; how should I configure the firewall rules to work well with this Zero Trust Tunneling? Thanks @Mikrotik

rafaelcapucho

I'm running Cloudflare tunnel in a Proxmox LXC container.
How to set local DNS entries for services on same server but different ports?
I have hairpin on Mikrotik but how can I see all traffic goes thru tunnel.. Client PC in LAN->WAN->Tunnel->LAN Server

faraonxm

Nice. Unfortunately, does not work with RB3011 - no manifest found for this

josefsramek

Hi, thanks for the great video. I followed the above and I have containers running on my MikroTik; when I go to create the container for this one, I get a status error on the container. Any advice?

JaZzDeOliveira

@Normunds? The solution will work fine while I'm using LTE mobile connection so I get dynamic IP, and my ISP nats my connection?

radioncreation

Hello MikroTik. RIP seems not to be working in OS version 7. Pls show me how? I know other routing protocols in OS 7, but RIP seems not to be working. Why?

mikkio

Can we do the same for Twingate connectors?

Akram-MercuryIT

I'm getting "no manifest found for this architecture"
I'm running a RB3011 - ARM64. It should have one. Am I missing a step?

adagioleopard

Is it possible to use this to remotely access the winbox itself?

RaminMazloomi-jk

Does this work on MikroTik's 4G LTE routers? Wasn't able to set up Cloudflare.

archs

How to use tcp type tunnel to access svn services?

linuxunion

Hello, great news, but I have a question: is it possible to access the MikroTik admin GUI (WebFig MikroTik) via Cloudflare tunnels?

marcinaa

You added WireGuard to the core OS, please add zerotrust cloudflare AT LEAST as an options package!! That is a reasonable compromise. What do I need to do, send you cases of Canadian Beer or visit Latvia and cook you pancakes with Canadian Maple syrup and back bacon???

Anavllama