Cloudflare Community

Is Applications Access Policies not work now?

Zero Trust Access

will.lai March 15, 2023, 5:46am 1

I’m having an issue with Cloudflare Zero Trust when trying to set up multiple sites using the following policies:

Self-hosted application
Access Groups
- Set as default group
- Group configuration
  - Include
  - Include <@xxx.com>

Previously, this setup was working perfectly fine for me. However, today I noticed that the application is no longer redirecting to Cloudflare Zero Trust Auth as it should.

I have tried accessing the sites from multiple devices, including PCs, mobile devices, and tablets, as well as in incognito mode on both Chrome and Edge browsers. Despite these efforts, the issue still persists.

I would greatly appreciate any help in identifying the root cause of this issue and any suggestions on how to fix it. Thank you for your assistance.

will.lai March 15, 2023, 6:01am 2

Additional info

Policy Action: allow
Assign a group: include

stefano1 March 15, 2023, 3:08pm 3

hey would you be able to share more details? do you have a ticket opened with support?

What are the current IdP that you’re using? add here the full configuration so we can check that and set up so we can try to reproduce?

stefano1 March 15, 2023, 3:31pm 4

If I were you, I would start by deleting the policy and recreate it.
Your Access Admin activity logs under > Logs > Admin, should show you any recent changes made in there.

will.lai March 16, 2023, 9:30am 5

Thanks for your reply.

One thing I noticed is that I have two domains, under the same Zero Trust setting condition. All of the applications in domain A work normally, but none of the applications in B are being protected.

The difference lies in the DNS status. If the DNS record is not set to ‘proxied’, Zero Trust Access will not be enabled.