Create a Tunnel
| Before you start |
|---|
| 1. Add a website to Cloudflare |
| 2. Change your domain nameservers to Cloudflare |
3.
Install and authenticate cloudflared
|
Create a Tunnel
To create a Tunnel, run the following command:
$ cloudflared tunnel create <NAME>
Replace <NAME> with the name you want to give to the Tunnel. The name assigned can be any string and does not need to relate to the hostname where traffic will be served.
This command will create a Tunnel with the name provided and associate it with a UUID. The relationship between the UUID and the name is persistent. The command will not create a connection at this point.
The created Tunnel can serve traffic for multiple hostnames in your Cloudflare account and send traffic to multiple services available to cloudflared, including SSH, RDP, and most arbitrary TCP connections.
Creating a Tunnel generates a credentials file for that specific Tunnel. This file is distinct from the cert.pem file. To run the Tunnel without managing DNS from cloudflared, you only need the credentials file.
| Action | cert.pem |
Credentials file |
|---|---|---|
| Create a new Tunnel | Required | - |
| Delete a Tunnel | Required | - |
| Run a Tunnel | Available | Required |
| Create DNS records from cloudflared |
Required | - |
| Connect to load balancer pools from cloudflared |
Required | - |
| Route traffic to a running Tunnel from the Cloudflare dashboard |
Available | Available |
List available Tunnels
cloudflared can list all created Tunnels in your account, as well as those actively connected to Cloudflare, by running the following command:
$ cloudflared tunnel list
Note: the command requires the cert.pem file.
Revoke and delete a Tunnel
You can delete an existing Tunnel with cloudflared. To delete a Tunnel, run the following command:
$ cloudflared tunnel delete <NAME>
If there are still active connections on that Tunnel, then you will have to force the deletion with:
$ cloudflared tunnel delete -f <NAME>
This will cause those connections to be dropped.
Deleting the Tunnel also invalidates the credentials file associated with that Tunnel, meaning those connections can not be re-established.
Cloudflare Tunnel deletes DNS records after 24-48 hours of a Tunnel being unregistered. Cloudflare Tunnel does not delete TLS certificates on your behalf once the Tunnel is shut down. If you want to clean up a Tunnel you’ve shut down, you can delete DNS records in the DNS editor and revoke TLS certificates in the Origin Certificates section of the SSL/TLS tab of the Cloudflare dashboard.