Shoutout to @christianlempa Cloudflare Tunnels are great, but they come at a cost. Cloudflare sees all of your data, and if you're not careful you'll only have a single layer of defence in your network. In this video I show you how to reintroduce some of those layers by segmenting your Cloudflare Tunnel on its own vLAN, and then route this traffic through a firewall with IDS and IPS. I also show how to create a Cloudflare Tunnel. Cloudflare Tunnel Docker Compose: Christian's Video: Recommended Hardware: 's-Guide/ Discord: Twitter: Reddit: GitHub: 00:00 - Introduction to the "Problems" with Cloudflare Tunnels 01:46 - Summary of how we "Fix" the problem 03:43 - Creating a Cloudflare Tunnel to Demonstrate the Problem 06:12 - "Fixing" the Problem with macvLANs and a Firewall 06:22 - Docker macvLAN Implementation 10:35 - Routing Cloudflare Tunnel Through a Firewall (Sophos XG) 12:34 - Testing It All Works 13:13 - Outro & Summary