Currently, we have
domain.dev protected which only access from our VPN IPs, all other IPs are disallowed.
We made a CF worker to proxy traffic to
domain.dev. CF worker is under
domain.com and it is publicly accessible.
We want to create a rule which would not only allow the VPN access and also alow the CF worker access.
I create a Client Certificates mTLS in
domain.dev and rule for allow access if
cf tls_client_auth cert_verified.
When I tried to access the
domain.dev with my mTLS, I still got rejected.
not sure if mTLS can support my use case but if not, is there any thing else we can use to achieve this?