Securely access home network with Cloudflare Tunnel and WARP
This is the best way to go, sure VPNs work fine, but with cloudflared you don’t even need to expose any ports externally on your network. So malicious actors have no way of accessing any of your infrastructure if they bypass cloudflare, and cloudflare access has lots of access control policy options. Great post op!
Cut out the middleman and just use a VPN? I have one setup on my router, super easy to do and very secure.
Wireguard vpn…fast…Integrated into phone with app (Android)…I can turn on vpn without lanch any app…Integrated in Android drop down menu… cost 0
I’m using two ways to access Home Assistant right now. One’s through Nginx Proxy Manager in a cloud VM, which proxies through Tailscale. This is only used for Alexa/Google Assistant control.
The other is direct, and also via Tailscale but it’s only to access Lovelace.
This is quite interesting but I’d have to see how this will fit in my complicated setup.
I use PiVPN (OpenVPN on Raspberry Pi) along with DDNS client. Simple and easy.
Tailscale works really good
Does anyone know how I can install this on my Raspberry Pi 4gb 32bit OS?
Its looks like its all 64bit and does not allow me to install when using the dpkg command. Guides online for 32bit are out of date as it tries to download a package from a web service that is showing a 404 error.
How about protecting HA with Cloudflare websites firewall rules? That way u cloud access HA without a VPN while being protected by Cloudflare. Any ideas?
I followed this guide and it works fine (except g assistant) Click here
That doesn’t work in every situation. People who have internet connections with CGNAT, providers that filter ports, it’s not a one size fits all solution. This is similar in how HA Cloud works, but with added security and you having more control/possible visibility into the traffic.
The Raspberry Pi 3 has a 64-bit ARM processor. You should be able to use the ARM64 version of cloudflared: https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-arm64
This requires you to open ports on your router, which I want to avoid if I can.
With Tunnel, you can also expose a web server to Cloudflare without opening ports. Simply create an ingress rule as documented here: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/configuration-file/ingress
In a nutshell: cloudflared will open a secure connection to Cloudflare without opening ports. This connection can be used by WARP to get secure access to your entire home network. On top of that, you can directly expose some web services via a HTTP endpoint on your Cloudflare domain.
Ah, sorry - looking back I see a typo in my original post - corrected.
I have a Raspberry Pi 4GB running the 32bit OS. Downloading the Cloudflared package, would not allow me to install and got an error with something like "
Error: package architecture (arm) does not match system (armhf)".
To get around the issue, I had to use --force architecture in dpkg request; for example:
sudo dpkg --force architecture -i cloudflared-linux-arm.deb
I got these instructions from this post - incase helpful for anyone else.
Thanks, that’s pretty nice:)