I have my domains set up in Cloudflare, and Zero-Trust access works flawlessly. Now, I want to allow access to a self-hosted app based on the IdP user group membership. I followed the instructions at [Self-hosted applications · Cloudflare Zero Trust].
However, when I want to visit the web app from a device that is not connected through WARP ZeroTrust, I get a DNS resolution issue. I suspect I have to add a DNS record on Cloudflare but I am unsure which it has to be.
As stated in the introduction, I have a Cloudflared tunnel up and running from a server. All is good.
A with internal IP = Not accepted
CNAME with internal LAN FQDN = It “works” but I get the following error: Error 1016 - Origin DNS error.
Here’s a glimpse of the DNS record:
CNAME webapp domain com → webapp domain lan (proxied)
I found no documentation to help achieve the end goal.