I have been watching numerous videos and documentation on Cloudflare Zero Trust. Nothing really gave me that aha moment. I understand the main use cases, but the actual piece I am looking to get out of Zero Trust I don't think is actually there, and maybe someone can enlighten me.
So I am looking to replace my VPN, and from what I am seeing in the videos this isn't what I am actually looking for. Again, I am a noob when it comes to anything Cloudflare and Zero Trust VPNs; this is my first time interacting with them, so excuse the loose knowledge.
So say a person wants to use the WARP client (which, to my understanding, is just a VPN client) and they want to connect to a machine via RDP, but they don't know the IP. Traditionally, with VPNs I could set up allowed routes to point to a DC server for DNS queries. That would be my first yay or nah that will break my attempt at continuing with Zero Trust, if this is even allowed. I see you can set up subdomains for applications and devices/ports. I don't want to do that because then I would need to reserve IPs, and it would be taxing to keep up to date on machines when Windows Server automatically handles the DNS.
My next thing is: do I specifically need to give each device an application rule? I don't necessarily see an option to say "here's a subnet, say 192.168.2.1/24, allow port 3389 for RDP." I see this would be great if a person is only accessing web resources, but I haven't seen a good example online for something like this, and maybe this isn't it.
Here's a cheesy diagram I made of what my expectations are if I were using the WARP client:

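The two things the post asks for (internal names resolved by the domain controller, and a single subnet-plus-port allow rule instead of one application per device) are easier to reason about as a policy model than as screenshots. The block below is an added illustration written for this thread, not code from the original post and not Cloudflare's API: it models an ordered allow/block rule list keyed on destination CIDR and port, a "local domain fallback" table that sends only the internal suffix to the DC's resolver, and an audit that flags rules broader than the intent. Every address, hostname and domain in it (192.168.2.1/24, the DC at 192.168.2.10, corp.example, fs01) is a constructed placeholder.

```python
"""Model of a private-network access policy for a WARP-style client.

Added example for the thread above; it is not Cloudflare's code or API.
All hosts, subnets and domains are constructed placeholders.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    name: str
    network: str          # CIDR as an admin might type it, e.g. "192.168.2.1/24"
    port: Optional[int]   # None means any port
    action: str           # "allow" or "block"

# Constructed rule set: the one subnet/port rule from the question, followed by an
# explicit default block so anything not listed is denied (least privilege).
POLICY = [
    Rule("rdp-to-lan", "192.168.2.1/24", 3389, "allow"),
    Rule("default-block", "0.0.0.0/0", None, "block"),
]

def evaluate(policy, dst_ip, dst_port):
    """First matching rule wins; if nothing matches, deny implicitly."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in policy:
        # strict=False normalises "192.168.2.1/24" to the 192.168.2.0/24 network.
        net = ipaddress.ip_network(rule.network, strict=False)
        if ip in net and (rule.port is None or rule.port == dst_port):
            return rule.action, rule.name
    return "block", "implicit-deny"

# Constructed local-domain-fallback table: only the internal suffix goes to the
# DC's DNS server; every other name keeps using the public resolver.
FALLBACK = {"corp.example": "192.168.2.10"}
PUBLIC_RESOLVER = "1.1.1.1"

# Constructed zone data that the DC would answer with (AD-registered host record).
DC_RECORDS = {"fs01.corp.example": "192.168.2.50"}

def resolver_for(hostname, fallback=FALLBACK, default=PUBLIC_RESOLVER):
    """Pick the resolver by longest matching fallback suffix."""
    host = hostname.rstrip(".").lower()
    best = None
    for domain, server in fallback.items():
        if host == domain or host.endswith("." + domain):
            if best is None or len(domain) > len(best[0]):
                best = (domain, server)
    return best[1] if best else default

def resolve(hostname):
    """Return the IP if the chosen resolver knows the name, else None."""
    host = hostname.rstrip(".").lower()
    if resolver_for(host) in FALLBACK.values():
        return DC_RECORDS.get(host)        # DC answers internal names
    return None                            # public resolver has no internal records

def rdp_to_host(hostname, policy=POLICY):
    """Simulate the flow in the diagram: name -> DC lookup -> policy check on 3389."""
    ip = resolve(hostname)
    if ip is None:
        return "unresolved", None
    decision, _ = evaluate(policy, ip, 3389)
    return decision, ip

def audit_policy(policy):
    """Flag allow rules that are broader than 'one subnet, one port'."""
    findings = []
    for rule in policy:
        if rule.action != "allow":
            continue
        net = ipaddress.ip_network(rule.network, strict=False)
        if rule.port is None:
            findings.append(f"{rule.name}: allows every port on {net}")
        if net.prefixlen < 16:
            findings.append(f"{rule.name}: network {net} is wider than a /16")
    return findings

if __name__ == "__main__":
    print(rdp_to_host("fs01.corp.example"))            # ('allow', '192.168.2.50')
    print(evaluate(POLICY, "192.168.2.50", 445))       # ('block', 'default-block')
    print(audit_policy([Rule("too-wide", "10.0.0.0/8", None, "allow")]))
```

The point of `audit_policy` is the check a reviewer wants before trusting a network rule: an allow with no port, or a prefix far wider than the RDP hosts actually live in, quietly turns "RDP to that subnet" back into a flat VPN.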