What is WARP, Zero-Trust
WARP is a new form of Wireguard
Zero-Trust is the best version of WARP
How to deploy WARP
Follow this guide, pretty simple.
Difference between WARP, WARP+, Zero Trust
WARP : 1G
WARP+: Medium plan
Zero Trust: Business plan
Download WARP client APP
the official download site of WARP: https://one.one.one.one
远端服务器部署Zero-Trust注册
以Linux为例,按照这个网址进行服务器端应用的下载。
然后执行以下命令
warp-cli teams-enroll orbitmoonalphaWARNING: Teams registration run as root is not supported.
Please re-run command as a regular user.
注意,提交组织注册时,不要使用root。用以下命令退出:
exitNOTICE:
Your organization is using Cloudflare for Teams, a security platform that makes
connections to the Internet and applications faster and safer.
What information is available to administrators of my organization?
The following information may be viewed by administrators from your
organization:
* the websites you visit
* the times you visited them
More information is available at:
– https://www.cloudflare.com/application/terms/
– https://www.cloudflare.com/application/privacypolicy/
Accept Terms of Service and Privacy Policy? [y/N] y
A browser window should open at the following URL:
https://orbitmoonalpha.cloudflareaccess.com/warp
If the browser fails to open, please visit the URL above directly in your browser.
然后页面打开完成邮箱验证码提交后,提取蓝色按钮里的jwt:
稍微注意下,单引号内部的完整字符串才是jwt
然后按以下格式提交WARP API验证:
warp-cli registration token + com.cloudflare.warp://[组织名].cloudflareaccess.com/auth?token= + [token]比如:
warp-cli registration token com.cloudflare.warp://orbitmoonalpha.cloudflareaccess.com/auth?token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjhkOWIwOTgyNTY3MDYyMWM0N2E3OWQ3MWU2OTFkMTY2MmE2ZTg5ZGUxMmI3YTliZGVlMDczOGE2YWIxNDMxMTMifQ.eyJhdWQiOlsiZTExM2Q4MmU1YzJlMTExZGY5YWY5ZWNlNGZmMTdiNTk5ZjJlYTZkY2U3M2Q3NzU1MDczMmE1MTRlNDRkMDgwOCJdLCJlbWFpbCI6Imh完成Team,即现在的Zero Trust注册
常见命令:
warp-cli account这个将返回:
Account type: Team
Device ID:
Public key:
Account ID:
Organization: orbitmoonalpha
warp-cli tunnel ip add [排除IP]请正确设置排除IP,确保源服务器的ssh连接维持正常,避免服务器失联。
若设置不当,服务器在执行warp-cli connect后可能导致你再也无法连接到源服务器。
WARP服务器Zero-Trust的私钥Private Key在哪里
/var/lib/cloudflare-warp# cat reg.json这个路径下的reg.json记录了:
{“registration_id”:[“”,null],”api_token”:””,”secret_key”:””,”public_key”:””,”override_codes”:{“disable_for_time”:{“seconds”:86400,”secret”:””}}}root@WG-US:/var/lib/cloudflare-warp#
由于WARP使用的底层技术就是WireGuard,这个json文件里提供的公钥和密钥就是WG配对用的。
常见问题 Troubleshoot
warp-cli registration new遇到无法提交、旧注册未完成等死循环,warp-cli registration delete无法删除
A: 尝试删除warp-cli重新安装
sudo apt-get remove cloudflare-warp注册Zero Trust时warp-cli register遇到Error: Failed to contact the WARP API.
A:在提交服务器验证API的时候如果报错,则在浏览器返回warp token页面,自动会刷新jwt,获取新的jwt后再次提交就会注册成功:
能否在服务器进行Zero Trust的WARP connect然后本地Wireguard连接?
实践证明是可以的。主要原理是在warp-cli connect之后,将ifconfig里的CloudflareWARP流量全部通过Wireguard转发。本地wg连接后得到IP就是CloudflareWARP的IP。
如何在服务器设置优选IP?
Force the client to connect to the specified IP:PORT endpoint (Zero Trust customers must run this command as a privileged user)
warp-cli tunnel endpoint set + IP:Port需要root权限:
warp-cli connect导致服务器失联,如何恢复
进入Cloudflare ZERO TRUST 控制台,WARP Clients进入当前使用的Device settings,比如:
将WARP Mode切换至proxy模式,稍等api更新即可恢复连接服务器,然后将warp-cli disconnect
Cloudflare 无法连接 Unable to Connect HAPPY EYEBALLS MITM FAILURE
Status: Unable to Connect
Error reason: Happy Eyeballs Failure
Error code: CF_HAPPY_EYEBALLS_MITM_FAILURE
Error description: Unable to establish WARP connection. Confirm if this device’s firewall allows WARP Ingress and/or UDP traffic.
What is HAPPY EYEBALLS ?
HAPPY EYEBALL可以简单理解为:一种让你的电脑或者手机在上网时,能够同时尝试走这两条路(IPv4和IPv6),看哪条路更快、更顺畅,然后选择最快的那条路来上网。
近期中国大陆出现无法连接情形涵盖warp, warp+及zero trust,似乎主要是由于firewall因素导致。
Free AI Research Guidebook:
AI Agent Complete Guidebook help gear you up人工智能助手指南
Directly interact with ChatGPT for multi-turn conversations
Input URL as reference material to pass in conversation history, ask multiple questions based on the reference material
Summarize YouTube video summaries, requires enabling subtitles for videos
Summarize and follow up on PDF files
Summarize and follow up on news or web articles
Analyze and ask questions about images
Generate high-quality images
more info about AI Agent how to use: https://orbitmoonalpha.com/how-to-use/