I have successfully configured CF Access / Teams and exposed one of the internal applications over the Internet. As part of the configuration, I created a CNAME record on CF, for example:
“internal-app.mysite.com (CNAME) tunnel-ID.cfargotunnel.com”
The “mysite.com” DNS zone is also hosted internally on the Corporate DNS Server. So when someone connects to the Corporate VPN, the DNS record doesn’t resolve, hence they can’t access “internal-app”.
I thought it would be an easy solution and created an identical CNAME record in the Corporate DNS server. But it seems like it didn’t resolve the problem. In fact, I can’t even resolve the tunnel-ID.cfargotunnel.com address internally or externally.
I was wondering if someone in this group has come across a similar situation, and I would appreciate it if you could share a solution.
I have tried to add the following as per your suggestion to the Corp DNS:
internal-app.mysite.com (CNAME to) internal-app.mysite.com.cdn.cloudflare.net
But still not working … here is the dig response from the Corp DNS:
$ dig internal-app.mysite.com @CORP-DNS
;; QUESTION SECTION:
;internal-app.mysite.com. IN A
;; ANSWER SECTION:
internal-app.mysite.com. 3600 IN CNAME internal-app.mysite.com.cdn.cloudflare.net.
internal-app.mysite.com.cdn.cloudflare.net. 300 IN A 220.127.116.11
internal-app.mysite.com.cdn.cloudflare.net. 300 IN A 18.104.22.168
;; Query time: 111 msec
But if I try to resolve it by pinging … it’s erroring out:
$ ping internal-app.mysite.com
ping: cannot resolve internal-app.mysite.com: Unknown host
Can you confirm that the DNS server is configured properly?
Never mind … there was a DNS propagation delay, but it has started working.
Thank you so much @erictung for your prompt solution.