Dot me also… until it didn’t. don’t know why it worked for a while and now it doesn’t anymore. I also included icloud.com into the No inspect rule but it doesn’t connect anymore, untill I switch off Cloudflare Warp Zero-Trust.
I’m still struggling with this. It seems it doesn’t connect to a FaceTime link at the firs time, but it does when clicking it for a second time. Also I’m unreachable for Facetime calls when Warp is switched on.
Can anyone confirm they got this working without issues? I’m not on a paid plan so I cannot create a support ticket unfortunately.
So, I’ve tracked this down to my Zero Trust account’s ‘Split Tunnels (exclude)’ settings.
I (re)installed Warp from scratch (without logging in to my Zero Trust account) and noticed there were a number of (additional) entries in the Preferences > Advanced > Split Tunnel list, that weren’t in my Zero Trust profile. At that point, all MacOS services were working perfectly too
I logged Warp in to my Zero Trust account and things stopped working!
I noticed that from my Cloudflare dashboard, Zero Trust > Settings > Warp Client > Device settings > Default > Configure > Split Tunnels (Exclude IPs and domains) > Manage …
there were a number of items missing.
Manually adding these ‘missing’ items resulted in everything working again across my entire Warp fleet
One thing to note was that using the “Restore default entries” button DID NOT make my list appear the same as the list from the initial Warp install. I guess the teams responsible for development aren’t in sync with each other. It would be nice if the CF devs could remedy this drift?
Regardless, manually adding the following to my Zero Trust Warp Settings cured all my current Apple woes.
239.255.255.250/32
17.57.144.0/22
17.188.128.0/18
17.188.20.0/23
17.249.0.0/16
17.252.0.0/16
2620:149:a44::/48
2403:300:a42::/48
2403:300:a51::/48
2a01:b740:a42::/48
fc00::/7
Hope that helps anyone else that is currently having issues, especially made worse since the recent MacOS 15 upgrade.
That’s great! I see you have included the IP’s from Apple’s APNs servers as I received an email from Cloudflare warning that those IP’s should be ignored to ensure proper functioning.
All seems to be working except for 1 thing: FaceTime seems to be working properly but when I create a FaceTime Link (so not ‘New FaceTime’ but ‘Create Link’ to invite multiple persons to join a meeting), it cannot connect unless I switch off the Zero Trust Warp client.
And another question: is excluding IP/domain in the split tunnel the same (result) as creating a ‘Do not inspect’ Firewall policy (Gateway > Firewall Policies > HTTP)?
Yeah, I got that email today too, which was nice (but a little late this time - hopefully it’s a good sign of things to come). I still think the devs might do well having ‘presets’ available to enable/disable groups of well-known-services, but heh.
I’ve not used FaceTime Link etc, so can’t verify I’m afraid.
Firewall policies, not sure - I don’t have any Firewall policies set so can’t confirm.