I have an app that is behind a firewall with IP allowlisting. Let’s call this admin.mything.com.
This currently allows access only to a bunch of IPs. I can add IPs to the list, but I can’t change much else on this firewall.
One such IP address that is allowed is 1.143.27.240 (example).
Currently, we use OpenVPN to allow users to connect to this, then tunnel traffic to admin.mything.com.
I’m interested in using Cloudflare Access for this instead, if at all possible.
- If accessing admin.mything.com from an already allowlisted IP address (i.e. from within the office network), just pass through.
- If accessing from a non-allowlisted IP, show the Cloudflare login, so I can use my existing IdP (Microsoft AAD). Once the user has logged in (if they are on the allowed list of users), let them access admin.mything.com.
I can get most of the way here using Access → Applications.
However, due to the firewall on admin.mything.com, I still need to be on an allowlisted IP.
Could I use Tunnels for this instead?
Would I need to use a different hostname, remoteadmin.mything.com for example, or could I still use admin.mything.com?