Cloudflare Access - Require IP Range

I’ve been fiddling with the rules I created for an application behind Access using rules. I’m on the free tier for now, but the issue I’m having, is that I’m requiring my gateway and IP range from our on premise office to access this site. When I use the Required rules > IP Ranges, the site doesn’t appear in the App Launcher using external IP range of our office.

What am I missing here? It’s probably something simple, but I’m not 100% sure what the issue is. Thank you for any guidance. :slight_smile:

Are you using a valid CIDR range? Can you post a representation of what you put in that field? Something like 12.34.56.78/32

Yes, I’m using CIDR format:

So: 1.2.3.4/32 and 1.2.4.5/28

Ok, just figured it out. The logic in each field looks like it’s AND. So having both the gateway and external range was breaking things.

Would be cool to have operators. So gateway OR IP range. That would’ve fixed my issue. Either way, this is solved.

1 Like

Rules work like logical operators. They help you define which categories of users your policy will affect. Each action needs at least an Include rule; for each action, you can set as many rules as you need.

These are the rule types you can choose from:

Include Exception Require
The Include action is similar to an OR logical operator. In case more than one Include rule is specified, users need to meet only one of the criteria. Exceptions work like a NOT logical operator. A user meeting any Exclude criteria won’t be allowed access to the application. The Require rule works like an AND logical operator. A user must meet all specified Require rules to be allowed access.
1 Like

Thanks for this, it’s very helpful. I must’ve missed that in the docs. :slight_smile:

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.