Setting Up RDP Access without Static IP using Cloudflare Tunnel

Introduction

Let’s learn Setting Up RDP Access without Static IP using Cloudflare Tunnel, why? Because In today’s interconnected world, secure and reliable remote access to your systems is crucial. Traditionally, setting up remote access required configuring firewalls, exposing ports, and relying on static IPs, all of which pose security risks. Cloudflare Tunnel RDP offers a modern solution by providing a secure, encrypted connection without needing to expose your system to the internet directly.

Benefits of Using Cloudflare Tunnel for RDP Access

• No Static IP Required: Unlike traditional RDP setups, RDP without Static IP eliminates the need for a fixed IP address.
• Enhanced Security: Protects against unauthorized access by using Cloudflare’s zero-trust security model.
• Easy Configuration: No need for complex firewall rules or VPN setups.
• Automatic Encryption: Ensures secure connections with end-to-end encryption.
• Resilient Connectivity: Works seamlessly across different networks and ISPs.

This guide walks you through setting up Cloudflare Tunnel RDP, covering both server-side and client-side configurations, including Ubuntu RDP Cloudflare Setup.

Prerequisites

Before proceeding, ensure you have the following:

• A Cloudflare Account: Sign up at Cloudflare.
• A Registered Domain: You’ll need a domain/subdomain to route traffic (e.g., rdp.yourdomain.com). You can register one for yourself with 32N.Co at this link
• Cloudflare Tunnel Installed: Install cloudflared on your Windows machine (server-side) and client machine.
• Administrator Access: Ensure you have admin rights on both the server and client machines.

Server-Side Configuration (Windows Machine)

Let’s go through it step by step.

Step 1: Let’s Install Cloudflared first

1. Download and install the Cloudflare Tunnel client (cloudflared) on your Windows machine from Cloudflare’s official site.
2. Open Command Prompt (Run as Administrator) and log in:

   cloudflared tunnel login
   

3. This will open a browser window where you must authenticate with your Cloudflare account.

Step 2: Create a Tunnel from Cloudflare Dashboard

1. Go to Cloudflare Tunnel Dashboard.
2. Navigate to Zero Trust → Access → Tunnels.
3. Click Create a Tunnel, name it, and follow the prompts.
4. Download the tunnel credentials JSON file and place it in C:\Windows\System32\config\systemprofile\.cloudflared\
5. Assign a Public Hostname and route it to your local RDP server IP (127.0.0.1:3389).

Step 3: Running the Tunnel on Server Side

Once the tunnel is created and credentials are in place, start it:

cloudflared tunnel run <tunnel-id>

To run it as a Windows service:

cloudflared service install <tunnel-token>

Step 4: Ensure Cloudflared Starts on Boot

1. Open Task Scheduler (taskschd.msc in Run prompt).
2. Create a new task and:
   • Set it to run at startup.
   • Run it with highest privileges.
   • Configure it for Windows 10 or later.
   • Ensure it runs even if no user is logged in.
   • Set the action to run the following command:

     cloudflared service install <tunnel-token>
     

3. Save and test by restarting your machine.

Client-Side Configuration

On Ubuntu Machine

Step 1: Install Cloudflared on Ubuntu

1. Install cloudflared:

   sudo apt update && sudo apt install cloudflared -y
   

2. Authenticate Cloudflare Tunnel on Ubuntu:

   cloudflared tunnel login
   

Step 2: Connect to the RDP Tunnel

Run the following command to forward traffic:

cloudflared access tcp --hostname <your-tunnel-domain> --url localhost:3389

This will establish a secure connection to the remote Windows machine.

Step 3: Connect via RDP

1. Open Remmina (or any RDP client) on Ubuntu.
2. Enter localhost:3389 as the server.
3. Provide your Windows credentials and connect.

On Windows Machine (Client-Side)

Step 1: Install Cloudflared

1. Download and install cloudflared on the Windows client machine.
2. Open Command Prompt (Run as Administrator) and log in:

   cloudflared tunnel login
   

Step 2: Connect to the RDP Tunnel

Run the following command on client side windows machine

cloudflared access tcp --hostname <your-tunnel-domain> --url localhost:3389

Step 3: Connect via Remote Desktop

1. Open Remote Desktop Connection (mstsc in Run prompt).
2. Enter localhost:3389 as the Computer name.
3. Provide your Windows credentials and connect.

Conclusion

By following this guide, you’ve set up a secure and automated Cloudflare Tunnel RDP access. With Cloudflare’s zero-trust security model, you no longer need to expose ports or rely on a static IP, making RDP without Static IP a viable and secure solution. Whether using Windows or Ubuntu Desktop, including Ubuntu RDP Cloudflare Setup, this setup ensures a safer and more resilient remote access environment.

Need further optimizations or troubleshooting? Let me know in the comments! 🚀