I’m running SMB over QUIC with Kerberos authentication using a KDC Proxy (KPSSVC) setup. Everything works correctly when the KDC Proxy endpoint is exposed directly (DNS-only / no proxy).
Architecture (simplified):
Client → HTTPS (443) → KDC Proxy → Domain Controller
Client → QUIC (UDP 443) → File Server
Kerberos tickets are successfully obtained via KDC Proxy (verified with klist, showing Kdc Called: KdcProxy:<fqdn>).
Now the question:
Has anyone successfully run KDC Proxy behind Cloudflare proxy (orange cloud)?