Securing SQL & TCP Applications with Cloudflare Zero Trust & SSO (Step-by-Step Guide)

Рет қаралды 5,204

Күн бұрын

Want to support outside of KZfaq? How about Buy me a Coffee? - www.buymeacoffee.com/techdox
In this tutorial, we'll focus on securing MS SQL Server using Cloudflare Zero Trust and Single Sign-On (SSO) protection, but rest assured, the principles can be applied to a wide range of TCP-based applications. Whether you're managing an SQL server or any other TCP service, join us for this step-by-step guide to enhance your security. Don't forget to subscribe for more valuable insights from Techdox!
Useful Links:
Discord - / discord
Cloudflared Install - developers.cloudflare.com/clo...
TCP Tunnel Info - developers.cloudflare.com/clo...
Timestamps:
0:00 Introduction
0:35 Overview of Cloudflare TCP Access
2:30 Cloudflare Service Setup
6:05 Connecting to Unsecured Service
11:06 Protecting with Application Policies
13:33 Closing Thoughts

Пікірлер: 28

@JhonnyPrz Ай бұрын

¡Belleza de tutorial, excelente! Gracias por el video.

@yeon-cloud 2 ай бұрын

This works great, thanks.

@haririan2 4 ай бұрын

you are my hero ❤❤❤❤❤❤❤❤ i have been looking for this problem about two year thank you very much :X:X:X

@miinayeem 4 ай бұрын

Thank you for this video. I was stuck after configuring the TCP port on Cloudflare zero trust.

@williamlee9135 Ай бұрын

This is great and works amazing! I have followed a lot of your videos and really appreciate everything your sharing. I am stuck on one thing. I have already setup my postgresql db on cloud flare. It's exposed. Already assigned unique IP for security. Now, If I want to connect that DB in another application, let's say DBT cloud, how can I achieve that? Thanks!

@NathanielAmadi 4 ай бұрын

This is great, thanks a lot. So, can I achieve the same thing by using the Cloudflare WARP Client installed on the client (My Macbook) instead of installing cloudflared, such that it also uses SSO to connect to the SQL server in my private network?

@twitchizle 2 ай бұрын

you fuking amazing

@andreX374 2 ай бұрын

Hi, this is a super cool video, it clarified a lot of things for me, I am doing the same thing but using Linux and a Windows client machine. And I wanted to ask if for the Windows client it is also necessary to install the Cloudflared daemon and run the same command?

@staticalmo 2 ай бұрын

does it make sense to "expose" it with cloudflare when with an API (like DreamFactory) we can give specific rights? With a bearer token

@julioffigueiredo 2 ай бұрын

Is there any way to make an config, yml or via command line to start more than 1 service in one command line?

@user-rs8ln9vz1n 3 ай бұрын

How did you use the Github token to login to your DB-manager? If you only authenticate the Application on CF using Github, there is no SSO. How would you implement SSO all the way into a web application you run in your lab, say Portainer e.g.? Thanks!

@6bOemH2gKz 4 ай бұрын

I guess this tutorial is missing something about the host side running cloudflared... hope to get some feedblack if i'm wrong. thanks

@Techdox 4 ай бұрын

All of this is covered, did you watch the entire video? In the section “connecting to an unsecured service” I show you how to install Cloudflared

@yakisobaguitarist 5 ай бұрын

One of your domains is Minecraft. Did you get that working through cloudflare tunnel somehow?

@Techdox 5 ай бұрын

Yeah it’s going via Cloudflare but just via any other dns not via the tunnels

@victorcoopers 6 ай бұрын

Is there a way to run the command 'cloudflared access tcp --hostname' as a Windows service? This would allow it to automatically start up on system reboot. I can't seem to get it to work.

@Techdox 6 ай бұрын

Could make it a powershell script then add that to your startup?

@victorcoopers 6 ай бұрын

Okay, thanks! @Techdox One more question: is there a way to have the session duration for the application set to unlimited, so I don't have to authenticate again?"

@Techdox 6 ай бұрын

@@victorcoopers Maybe? I would have to check, but even though this is a home setup it's always best to use best practives to make sure you don't expose yourself in terms of security

@victorcoopers 5 ай бұрын

@@Techdox Any chance it will work with android phone using their cloudflare One Agent to access the tcp?

@haririan2 4 ай бұрын

is there anyway to run it in background ? i dont want to keep opening cmd

@Techdox 4 ай бұрын

I don't use windows much, but I assume you can just create a batch script or something with the commands and have that run in the background? Or a Powershell script?

@haririan2 4 ай бұрын

I've used task scheduler for running script on Windows start tnx again for ur help ❤

@ricgondo 6 ай бұрын

Can the client be the same as the server? I understand you are using docker... but let's say can the client in your case be the same as my SQL Server machine?

@Techdox 6 ай бұрын

Yeah, if you are running SQL Server on a server you can connect to it from the exact same machine which would be the client, correct? If I misunderstood let me know :) Also since you are a member you get 1:1 support with me in Discord, so feel free to ask there

@ricgondo 6 ай бұрын

Yes sir!@@Techdox