WARP Connector
BetaFeature availability
| WARP modes | Zero Trust plans ↗ |
|---|---|
| Gateway with WARP | All plans |
| System | Availability |
|---|---|
| Windows | ❌ |
| macOS | ❌ |
| Linux | ✅ |
| iOS | ❌ |
| Android | ❌ |
| ChromeOS | ❌ |
Cloudflare WARP Connector is a software client1 that enables site-to-site, bidirectional, and mesh networking connectivity without requiring changes to underlying network routing infrastructure. WARP Connector establishes a secure Layer 3 proxy between a private network and Cloudflare, allowing you to:
- Connect two or more private networks to each other.
- Connect IoT devices that cannot run external software, such as printers and IP phones.
- Filter and log server-initiated traffic, such as VoIP and SIP traffic.
- Apply Zero Trust security policies based on the source IP of the request.
As shown in the diagram, WARP Connector acts as a router for a subnet within the private network to on-ramp and off-ramp traffic through Cloudflare. All devices on the subnet can access any services connected to Cloudflare, and all devices connected to Cloudflare can access any services on the subnet. Each subnet runs a WARP Connector on a designated Linux machine (typically the default gateway router), but other devices on the network do not need to install software.
To set up WARP Connector, refer to the guide for your use case:
- Site-to-Internet: Send requests from your private network to the Internet.
- Site-to-site: Send requests between two or more private networks.
- User-to-site: Allow WARP client devices to send requests to your private network.
- Internet-to-site: Not supported by WARP Connector. To provide clientless access to applications on your private network, set up a Cloudflare Tunnel with
cloudflaredand configure a public hostname route.
-
WARP Connector is an extension of the WARP client. ↩