- Employees have a higher threat score due to their IP. Employees can’t log in to any of our protected zones because the cloudflared request is challenged by Cloudflare.
- Firewall rules used to mitigate DDoS attacks conflict with the requests made by the Go Client library during authentication.
We have faced (2) in the past; however, today, I woke up to an employee who couldn’t access their remote work environment due to their IP having a higher threat score (dynamic IPs).
Ultimately we can create a firewall rule bypass based on the Host (if it’s from an access zone) and user agent; however, it would be ideal if this was handled by Cloudflare natively IMHO since it would save time and a firewall rule.