Hi, I’m fjm2u.
In this post I’ll show how to expose an MCP server that’s running locally behind MCP Router to the internet via Cloudflare Tunnel, so that remote clients like ChatGPT can use your local MCP tools.
Introduction
I’ve been building a local MCP management app called MCP Router for about eight months:
mcp-router
/
mcp-router
A Unified MCP Server Management App (MCP Manager).
MCP Router
A Unified MCP Server Management App
-@mcp__router-1DA1F2?style=flat&logo=x){kind=icon}
🎯 Overview
MCP Router is a desktop application for simplifies the management of Model Context Protocol (MCP) servers.
✨ Key Features
- 🌐 Universal — Connect to any MCP server
- Remote or local servers
- Supports DXT, JSON, Manual
- 🖥️ Cross-platform — Windows and macOS
- 🗂 Context Management — Keep growing MCP server contexts organized
- Group MCP servers into Projects
- Manage modes with Workspaces (like browser profiles)
- Toggle tools on/off per server
🔒 Privacy & Security
Your Data Stays Local
- ✅ All data is stored locally - Request logs, configurations, and server data remain on your device
- ✅ Credentials are secure - API keys and authentication credentials are stored locally and never transmitted externally
- ✅ Complete control - You have full control over your MCP server connections and data
Transparency
- 🔍 Auditable - The desktop application source code…
Recently, an issue came in:
I want to use MCP Router from a remote machine.
[Feature] Add support for accessing MCP Router.exe from WSL2 labels: enhancementment
#144
I would like to be able to access the local MCP Router from WSL2.
I have MCP Router.exe installed on Windows, and Cursor and other AI tools can call and use MCP Router normally. This part works fine.
However, when I try to add MCP Router in claude code under WSL2, it fails to connect. After investigation, I suspect the issue is that the stdout protocol does not support communication between WSL and Windows.
I can ping Windows IP from WSL and ping WSL IP from Windows PowerShell successfully, so the network is fine. Additionally, I have tried other MCP management tools, such as MCPX, which can connect via http://ip:9000/mcp, allowing AI-Agent CLI tools on both WSL and Windows to use the same MCP Router / MCP Manager.
However, for my use case, the author's exe-based solution is simpler and more convenient than a Docker-based approach.
It would be great if MCP Router could provide a local access method, for example through an HTTP API: http://ip:5678/mcp
instead of relying on npx @mcp_router/cli@latest connect, which is based on stdout
This would allow WSL2 to directly connect to the local MCP Router without being limited by stdio, and support a cross Windows/WSL AI development workflow.
(if I understand correctly, or if there is another way to connect, please let me know — I am not very familiar with MCP protocol principles or network development, as I am mainly a mobile developer).
The good news is that this is already possible with the current implementation. In this post I’ll walk through exactly how to do it.
In short:
You can use “remote” AI clients to call “local” MCP servers.
I like to call this idea “sovereign MCP”, inspired by the concept of “sovereign AI”: you manage and control MCP locally, while selectively exposing tools to external AI services.
For example, you can keep full control over:
- Which MCP servers are enabled
- Where logs and usage history are stored
Everything stays under your control in your local environment, while external AI services only get access to the tools themselves.
Running an MCP Server Locally
Before jumping into remote setup, let me explain why a local MCP management app is useful.
The simplest way to run an MCP server locally is to configure it directly inside the app that will use it.
For example, in Claude Desktop you might configure an MCP server like this:
{
"mcpServers": {
"everything": {
"command": "npx",
"args": [
"-y",
"@modelcontextprotocol/server-everything"
]
}
}
}
This works fine if you only use a couple of MCP servers with a single app.
But if you:
- Use many MCP servers
- Across multiple clients (Claude Desktop, ChatGPT, etc.)
...management quickly becomes painful.
😣😣😣😣😣😣
That’s where a local MCP management app helps:
- You add an MCP server once
- Then you can reuse it from anywhere
- And centralize management (including things like context optimization)
MCP Router does exactly this: you add MCP servers once and manage them centrally.
😊😊😊😊😊😊
Why a Local MCP Management App?
MCP Router definitely makes MCP management more convenient, but why insist on running it locally?
In other words:
Why do MCP Router users want to access their locally running MCP servers remotely instead of just using a purely remote MCP service?
Here are a few reasons:
- Good UX, available from anywhere
- MCP Router’s UX is tuned for day-to-day MCP work. (Yes, I’m biased as the developer 😅 — but I’m continuously improving it, and UX-related issues are always treated as high priority.)
- WSL2 + Codex setups
- Some tools (like Codex) recommend using WSL2, but MCP Router doesn’t yet support Linux.
- If you want to use MCP Router from inside WSL2, you need to access it remotely.
- Trust and transparency
- If the code is transparent and runs locally, many people find it more trustworthy than opaque remote MCP management services.
- Local data retention
- You might want to keep all MCP usage data local (logs, histories, etc.) instead of sending it to a third-party service.
- Cost
- A locally hosted MCP server is free to run as much as you want (aside from electricity and hardware).
Considering these advantages over “pure remote MCP”, I think “sovereign MCP” is a better term than just “local MCP”: You keep sovereignty over your MCP stack, while still allowing remote AI services to use your tools.
Using “Remote” AI Clients with a “Local” MCP
One example architecture of a sovereign MCP
MCP Router communicates with other apps via local HTTP.
To identify apps and store logs per app, MCP Router uses Bearer authentication on these HTTP calls. The token is long enough to be strong, and this same mechanism can be safely used for remote access as well.
For remote access, two realistic options are:
- Cloudflare Tunnel – best when you want remote services like ChatGPT to access your MCP tools
- Tailscale – great for personal/private network usage (WSL2, other devices on your network, etc.)
In this article we’ll use Cloudflare Tunnel.
Note
The endpoint you expose via Cloudflare Tunnel will be reachable from the public internet. However, MCP Router requires a Bearer token, so as long as the token doesn’t leak, third parties can’t arbitrarily call your tools. That said, the endpoint could still be hit in a DoS-like way, and a leaked token would have impact. If needed, consider additionally restricting access with Cloudflare Access (e.g. by IP or user identity).
Setting Up MCP Router
- Download and install MCP Router
- Add MCP servers
- Add MCP apps
Screen after adding an MCP server:
Add a custom app:
In the app card, click the “How to use” button to show the token and copy it somewhere safe.
Copy the token that starts with mcpr_. You’ll use this token as a Bearer token from remote clients.
Setting Up Cloudflare Tunnel
- Log in to Cloudflare
- Create / set up a Tunnel
- Configure it to forward some domain to http://localhost:3282
For example:
Cloudflare Tunnel pointing at localhost:3282. Now localhost:3282 is accessible from the internet via your chosen domain.
Verifying the Connection with inspector
Next, let’s verify that we can reach MCP Router through the tunnel using the MCP inspector.
- Start the inspector:
npx @modelcontextprotocol/inspector - In the inspector UI, connect using:
- Transport Type:
Streamable HTTP - URL: your Cloudflare Tunnel domain with
/mcppath (e.g. https://mcpr.fjm2u.net/mcp) - Custom Headers:
Authorization: Bearer <your_mcpr_token>
- Transport Type:
- You should now be able to send MCP requests; MCP Router will also log them.
Using This from ChatGPT
I don’t personally have a paid ChatGPT subscription, so I can’t add a Custom Connector and test this end-to-end myself.
If you try this with ChatGPT:
- Point it at the same Cloudflare URL (https://your-domain/mcp)
- Use Authorization:
Bearer <your_mcpr_token>as a header - Optionally set
x-mcpr-projectif you want project-level isolation
And if you get it working, please reach out to me on Discord. I’d really love to hear how it goes (English or Chinese is totally fine):
https://discord.com/invite/dwG9jPrhxB
Wrapping Up
If you haven’t tried MCP Router yet, you can download it here:
https://github.com/mcp-router/mcp-router
Thanks for reading, and enjoy your sovereign MCP 🚀
Top comments (0)