Cloudflared + VNC and SSH break with bypass or service auth rules

I set up a web-based VNC access with cloudflared similar to this guide

Also using the same tunnel, a web-based SSH access similar to this guide

With only ‘Allow’ email rules set up with access, this works.
If I have any IP-based Bypass or Service Auth rules, then it breaks without any errors. I just get a blank screen in the browser, it is a completely empty response. Removing those rules, and my applications work as expected. So it seems we cannot use bypass or service auth access rules with these web-basesd applications.

Is it a known issue or potentially a documentation update? I was very confused at first because I started off with the bypass rules, so this could potentially confuse others as well.



Same error here using web-based SSH!
Have not yet found a solution but will keep my eyes open. Let me know if you can find something.

greetings, Michel

1 Like

Hi, I have the same problem? Did you manage to fix it? Thanks!

Hey Cloudflare! Same issue, can you respond? Looks like we’re on a year here of SSH / VNC browser rendered sessions not working with Service Auth.

Hey everyone,

Yes, this is a documentation oversight. SSH and VNC applications must be used with an Allow rule action. These implementations were built to expect a user authentication as part of the flow.

add Allow Only Caveat for VNC and SSH by kennyj42 · Pull Request #7311 · cloudflare/cloudflare-docs (

I’ve opened a pull request to modify the docs and call out this limitation.


Thanks for the confirmation here @kjohnson1, much appreciated!!