Cloudflare WARP for Teams shows my Okta Verify as coming from Chicago

While I have WARP for Teams installed on my Mac, and I sign into Okta, my Okta 2FA mobile app prompts me to confirm signing in from Chicago when I’m actually in San Francisco. I assume this is due to the proxying through gateway to one of the end points in Chicago.

I was wondering if there was a way to bypass or correct the location of where I’m signing in through Okta through my WARP connected machine? There are certain security safeguards enabled in our Okta tenant that disallows someone to sign in if they sign in from a different location over X miles within a certain amount of time. ie, I sign in from San Francisco at 10am, then I sign in again at 1010am from New York. Okta might raise a flag and assume that might be a malicious log in from NY and block or limit that login. I’m trying to prevent WARP from triggering a similar policy in Okta.

Hi @dmarcantonio, for your configuration you could try split tunneling traffic destined for Okta. In the Teams dash, navigate to Gateway → Policies → Settings and click on “Manage Split Tunnels.” We’re going to release support for customers to send traffic outside the Warp tunnel on a per-hostname basis, but for the moment you can input IP addresses for those Okta destinations.