It is a school and their firewalls oy allow white listing by IP
Following are not our real ones
For our url www.example.com we have
As are CF addresses. Our tech guys say those are different for every part of the USA and elsewhere. Are they mistaken?
You can use BYOIP. One of the BYOIP use cases is explicitly because your existing range is whitelisted in places like your customers firewalls.
On an Enterprise plan you can request dedicated IP addresses.
But they do change. If your customers will suddenly loose access it is a terrible customer experience. When the addresses change it is without any notice, so until every customer updates their firewall you have an outage.
If the first two options are not suitable for you, then the only viable option for your customers is to whitelist all the Cloudflare IP addresses.