Hi, I’m setting up Cloudflare Access for accessing an internal web resource.
I have everything figured out (DNS records and CF Access), except that I need a single, specific IP range to “declare” in my Router, in which I’m setting the port forwarding rule, but CF provides several.
I’m aware of the IP ranges that Cloudflare provides at https://www.cloudflare.com/ips/, but I can only give 1 range to my router. I have tried allowing the first 2 /22 blocks on the list, and there’s no connection yet, but there may be a better way to accomplish this (Even if I get one block right it may change sometime soon).
I’m having Cloudflared as an option, but I still want to do it this way bc in the future I’ll be doing L7 Load Balancing inside this network so I’d like to stick with CF access to keep things easy.
Another way would be to put a custom router in my DMZ but I’d still love to keep things simple.
Another way of figuring this out would be to “catching” the IP that Cloudflare would use with CF Access to hit my website, but it may be the same problem (If I allow that IP, it will change somewhat randomly in the future)