Multiple policies?

Zero Trust
1

Hello - very new to CF Zero trust. I have tunnels setup and can access my private network from outside my home. It works great. I would now like to increase the security.

My home public IP never changes. So when I access my services from my home computer, I don’t want any additional CF authentication to happen… but if I access my services from say my work, or the airport, I want to have the email policy work.

How do I properly set that up?

//Brew

3

I have two policies in my application. One to BYPASS for my Home IP group, and one to ALLOW my email addresses:

Screenshot 2023-11-18 at 6.18.45 AM
Screenshot 2023-11-18 at 6.18.45 AM2722×550 63 KB

Screenshot 2023-11-18 at 6.19.32 AM
Screenshot 2023-11-18 at 6.19.32 AM1214×470 38.9 KB

(I didn’t quite name my email policy the same as my email group, so it’s a bit confusing)

4

I’ll give a similar setup a try and see what happens. Thanks!

1 Like
5

Actually maybe one last question… How do I ensure my mobile phone is ALWAYS permitted to access some of my apps? No matter what public IP it has…?