I was struggling to figure out how to do this, many other tech videos are outdated on the subject because cloudflare changes their web layout so often! Thank you for making it so simple, I'm subscribed!
Thank you for sharing your time and expertise with us. I have been using CF Tunnels for a while now. Running it in a Docker container on my Unraid server. Keep up the great work.
Wow you sound so intelligent and so much ahead of your game. God bless you. I hope someday I could really know what you're talking about. You were like talking a different language. I'm starting out from the bottom. Just learning all of these things and sometimes it gets overwhelming but I see someone like you that has dedicated their life to learning. Different kind of platforms is just amazing to me. I just wanted to learn how to put the www in front of my domain and I just can't even get that done let alone all the other things that you're talking about. But God bless you and thanks for the information
My first few days owning a NAS and using cloudflare tunnels. I wanted to access a few devices on my network. I watched your video 5 times and finally got a connection working to my NAS. Thank you so much for sharing this information, much appreciated. Now for challenge number two, how to connect my other devices on my network.
Important disclaimer: cloudflare tunnels do not allow the upload of files bigger than 100MB!!! This is due to their caching limitations on the free version. I don't know if there is a workaround. This means that if you try to upload e.g. a video +100MB it will be stuck on the uploading cue. This limitation does not apply to total size upload - let's say you have 5x50MB files in a folder you want to upload, it will upload perfectly fine- Downloads are not affected by this limitation as far as I am concerned.
@@MrWizardGG Technically you are still downloading (limitless) from your nas, right? If you wanted to upload a movie to your nas you wouldn't be allowed.
This is great for a first time self hoster or someone with limited financial means. But I have to say for someone who can afford a Unifi, TP-Link Omada, or other Router that allows for "Conditional Port Forwarding" I would use that method instead, as I am trusting hardware that I personally have purchased to do the security portion for me by only allowing Cloudflare Ip Addresses to access your network through a reverse proxy. Plus I feel better knowing my own hardware that i purchased and configured myself is managing the connection and security, instead of solely relying on Cloudflare and for them to not make a misconfiguration.
This is by far the best solution out there to connect remotely!! Is it possible to point to another ip address? Setting up on Synology dockets, but pointing to a different PC, in my case a VM inside synology?
Awesome...Then one day, when everybody is using it, they start charging or limiting the usage. :-( Sometimes I think that we should plan our future using the minimum of external services, like cloud, etc. One day they will screw everyone.
@@SpaceRexWill Agreed. That's the main reason I bought a Synology at first place: To avoid cloud, and everything in between. Right now I have an open-source VPN working very well to connect my local network.
@@glufke I'm right there with you.. I don't like the idea of relying on someone else's servers to access my stuff. Cloudflare is more work than hosting your own vpn/port forwarding.
Suppose I wanted the same cloudflare tunnel to point me to another docker image, like Portainer or PaperlessNGX or something similar, how can I make this work?
In my experience (I have been setting this up lately) I have the similar download/upload speeds as using tailscale VPN, maybe a tiny bit less. There is a 100MB file upload max and it will just get stuck in upload. Compared to quickconnect, of course when remotely, the download speed might vary depending on their relay capacity, but I had around
yes you can, but no port forwarding with t mobile modem, Im not sure if all t mobile modems do not let you do port forwarding, so you will have to use quickconnect or any method that does not requires port forwarding.
Is there any way to use this without public IP? Many ISP’s lately go for ipv6 without public IP, this nukes plex etc. From outside of my network. Any thoughts?
Yes, but to my understanding is against cloudflare T&C to use it to stream videos. Im under CGNAT and I test it and works amazing, but when im away i just use tailscale. Just do a google search to find more information
So, from a security perspective, do you recommend this over port forwarding to a reverse proxy? I'm a little anxious about the facts that: 1. Cloudflare has a direct route into my network after setting up cloudflared and 2. everything is unencrypted and then reencrypted at the Cloudflare server.
The answer is a strong, it depends. if you are the type of person who does not want to use AWS, because your data is sitting on their servers, then this is really not for you. If you are looking for security. This is probably best, as Cloudflare adds an additional firewall in front of everything you have, and can keep stuff out of even coming to your network
@@SpaceRexWill That's a fair response. I think I will continue to rely on Synology's reverse proxy directing 443 and 80 traffic to the appropriate container. Thanks, as always, for your videos. I find them very helpful.
@@marcus_too with port forwarding security is under your control, but then you have to trust yourself enough (and your host config) 😀 Tailscale Funnels are good alternative to tunnels if you're okay with using Tailscale domain names and loosing Cloudflare front-door security features. In terms of privacy it's better than Cloudflare because it is your node that terminates TLS.
@@SpaceRexWill Tailscale Funnel can be used for public access in a similar way. It has some limitations, but it's also encrypted end-to-end (TLS termination on Tailscale node). Great video BTW!
@bending-unit-22 but wouldn't that suggest you're not using the GOAT tailscale for your own devices because who would want to connect a public app to their private environment
@@MrWizardGG not sure I follow. It's the same use case as Cloudflare tunnel - you expose self-hosted service to the Internet. I personally have most apps accessible only from my tailnet (DSM, Plex, Gitea, Portainer, etc.). Few selected things I want to share with friends and family (media library content, memos/wiki), but without requiring them to use Tailscale.
@@MrWizardGG not sure I follow. It's the same use case as Cloudflare tunnel - you expose self-hosted service to the Internet. I personally have most apps accessible only from my tailnet (DSM, Plex, Gitea, Portainer, etc.). Few selected things I want to share with friends and family (media library content, memos/wiki), but without requiring them to use Tailscale.
@@talismanna its only a thing until you get first, then it isn't a thing anymore. look at you, getting first a long time ago then holding it over my head like you are better than me. pffft 🤣
I am starting to notice that you keep glancing to the left. It’s a little distracting. Even once in a while is fine but every four seconds distracts me from listening to your content.
I was struggling to figure out how to do this, many other tech videos are outdated on the subject because cloudflare changes their web layout so often! Thank you for making it so simple, I'm subscribed!
Thank you for sharing your time and expertise with us. I have been using CF Tunnels for a while now. Running it in a Docker container on my Unraid server. Keep up the great work.
Very nice! Cloudflare Tunnel + Application = joy!
I use this combination for most of my "restricted external" services. I've had zero issues. Thanks!
Wow you sound so intelligent and so much ahead of your game. God bless you. I hope someday I could really know what you're talking about. You were like talking a different language. I'm starting out from the bottom. Just learning all of these things and sometimes it gets overwhelming but I see someone like you that has dedicated their life to learning. Different kind of platforms is just amazing to me. I just wanted to learn how to put the www in front of my domain and I just can't even get that done let alone all the other things that you're talking about. But God bless you and thanks for the information
My first few days owning a NAS and using cloudflare tunnels. I wanted to access a few devices on my network. I watched your video 5 times and finally got a connection working to my NAS. Thank you so much for sharing this information, much appreciated. Now for challenge number two, how to connect my other devices on my network.
Important disclaimer: cloudflare tunnels do not allow the upload of files bigger than 100MB!!! This is due to their caching limitations on the free version. I don't know if there is a workaround.
This means that if you try to upload e.g. a video +100MB it will be stuck on the uploading cue.
This limitation does not apply to total size upload - let's say you have 5x50MB files in a folder you want to upload, it will upload perfectly fine-
Downloads are not affected by this limitation as far as I am concerned.
FYI however their code works it doesn't stop cloudflare from successfully routing Plex for big 4k movies.
@@MrWizardGG Technically you are still downloading (limitless) from your nas, right? If you wanted to upload a movie to your nas you wouldn't be allowed.
@@AlfyahBwoy thx I understand what you mean now
It worked great. A video on how to set up DDNS with cloudflare on the Synology would also be interesting.
This is great for a first time self hoster or someone with limited financial means.
But I have to say for someone who can afford a Unifi, TP-Link Omada, or other Router that allows for "Conditional Port Forwarding" I would use that method instead, as I am trusting hardware that I personally have purchased to do the security portion for me by only allowing Cloudflare Ip Addresses to access your network through a reverse proxy.
Plus I feel better knowing my own hardware that i purchased and configured myself is managing the connection and security, instead of solely relying on Cloudflare and for them to not make a misconfiguration.
could you do a tutorial for apache or other web server on synology
very usefull for home made little proyects! thank you! keep up with the videos,
This is really helpful resource
For my use cases upload 100MB limit, really makes Drive and Photos unsuable. It also seems Drive requires the 6690 port as well to sync files
This is by far the best solution out there to connect remotely!!
Is it possible to point to another ip address? Setting up on Synology dockets, but pointing to a different PC, in my case a VM inside synology?
Thanks for sharing. I tried it with the http ports but it didnt work. I didnt know there was a no tls verify option. Much love!
Super helpful. Thanks!
Thanks! This is amazing!
Just trying to navigate myself through the cloud flare is a challenge. I just don't even know where to go to put the www in front of my domain😢
Awesome...Then one day, when everybody is using it, they start charging or limiting the usage. :-(
Sometimes I think that we should plan our future using the minimum of external services, like cloud, etc. One day they will screw everyone.
The biggest thing is just to always have a backup plan
@@SpaceRexWill Agreed. That's the main reason I bought a Synology at first place: To avoid cloud, and everything in between. Right now I have an open-source VPN working very well to connect my local network.
@@glufke I'm right there with you.. I don't like the idea of relying on someone else's servers to access my stuff. Cloudflare is more work than hosting your own vpn/port forwarding.
Just like VNC is doing
Suppose I wanted the same cloudflare tunnel to point me to another docker image, like Portainer or PaperlessNGX or something similar, how can I make this work?
Will, do you see any issues with setting up a VPN on a virtual machine hosted on a NAS and accessing that VM remotely ?
Can it be set up for connecting 2 Synologys behind nat for transferig backups from one to another?
How is it speed wise for file upload / download via DSM compared to using quick connect?
In my experience (I have been setting this up lately) I have the similar download/upload speeds as using tailscale VPN, maybe a tiny bit less. There is a 100MB file upload max and it will just get stuck in upload. Compared to quickconnect, of course when remotely, the download speed might vary depending on their relay capacity, but I had around
So you need to host your DNS with cloudflare then for tihs to work?
Does it work for Synology Photos auto backup? or any other Synology mobile app.
apakah localhost webserver framework laravel bisa menggunakan cloudflare tunnel ?
Is that allowed to share a media server this way?
How to remove limitation when uploading file over 100mb via cloudflare? 😢
Can you use access authentication with mobile apps?
Hi been considering getting a NAS. I have t mobile home internet. Is it still possible to use a NAS on t mobile?
yes you can, but no port forwarding with t mobile modem, Im not sure if all t mobile modems do not let you do port forwarding, so you will have to use quickconnect or any method that does not requires port forwarding.
When do I get a Spacerex email??!
What about the dsm page it wont work :(
Is there any way to use this without public IP? Many ISP’s lately go for ipv6 without public IP, this nukes plex etc. From outside of my network. Any thoughts?
Yes, but to my understanding is against cloudflare T&C to use it to stream videos. Im under CGNAT and I test it and works amazing, but when im away i just use tailscale. Just do a google search to find more information
will this also work with any of the Synology phone apps?
answered my own question...yes it does
ma devo aprire le porte del ruter???
So, from a security perspective, do you recommend this over port forwarding to a reverse proxy? I'm a little anxious about the facts that: 1. Cloudflare has a direct route into my network after setting up cloudflared and 2. everything is unencrypted and then reencrypted at the Cloudflare server.
The answer is a strong, it depends.
if you are the type of person who does not want to use AWS, because your data is sitting on their servers, then this is really not for you.
If you are looking for security. This is probably best, as Cloudflare adds an additional firewall in front of everything you have, and can keep stuff out of even coming to your network
@@SpaceRexWill That's a fair response. I think I will continue to rely on Synology's reverse proxy directing 443 and 80 traffic to the appropriate container. Thanks, as always, for your videos. I find them very helpful.
@@marcus_too with port forwarding security is under your control, but then you have to trust yourself enough (and your host config) 😀 Tailscale Funnels are good alternative to tunnels if you're okay with using Tailscale domain names and loosing Cloudflare front-door security features. In terms of privacy it's better than Cloudflare because it is your node that terminates TLS.
How does this work with a reverse proxy like Nginx proxy manager?
It does often require a bit more playing around to get your headers to go through properly
Why not
Just use the cloudflare app in the app center ??
How can we ensure "nobody is going to be IP spoofing on our home network", doesn't the average American buy dozens of cheap electronics from overseas?
Tailscale or ZeroTier are way better. Cloudflare tunnel lacks a ton of features that others offer.
This is really focused on the public facing side.
Tailscale / openvpn are wayyy better for private access
@@SpaceRexWill Tailscale Funnel can be used for public access in a similar way. It has some limitations, but it's also encrypted end-to-end (TLS termination on Tailscale node). Great video BTW!
@bending-unit-22 but wouldn't that suggest you're not using the GOAT tailscale for your own devices because who would want to connect a public app to their private environment
@@MrWizardGG not sure I follow. It's the same use case as Cloudflare tunnel - you expose self-hosted service to the Internet. I personally have most apps accessible only from my tailnet (DSM, Plex, Gitea, Portainer, etc.). Few selected things I want to share with friends and family (media library content, memos/wiki), but without requiring them to use Tailscale.
@@MrWizardGG not sure I follow. It's the same use case as Cloudflare tunnel - you expose self-hosted service to the Internet. I personally have most apps accessible only from my tailnet (DSM, Plex, Gitea, Portainer, etc.). Few selected things I want to share with friends and family (media library content, memos/wiki), but without requiring them to use Tailscale.
I guess Drive desktop app will not work........
FINALLY FIRST!!!!!!!!!!!!!!
Woohoo! Congrats! 🤘
username is appropriate
@@talismanna its only a thing until you get first, then it isn't a thing anymore. look at you, getting first a long time ago then holding it over my head like you are better than me. pffft 🤣
It’s pronounced “demon” Will. Yeah, I know it’s not spelled that way.
I am starting to notice that you keep glancing to the left. It’s a little distracting. Even once in a while is fine but every four seconds distracts me from listening to your content.