Tunnel - Application Policy Bypass

Hi All,
Apologies if this is in the wrong place. I am trying to set up an Application policy that requires 2FA via email when not from select IPs. However, with the IP added in a bypass policy at the top of the policy list for the application, I just get a 403 error on my client.

We don't use IPv6 for our public IP at the moment.

Anyone seen this before? Or am I doing something wrong?

Regards,

Hello, can you please share a snippet or the entire section of the bypass policy you mentioned? Please be sure to remove or sanitize any sensitive text or screenshots before posting a reply.

Hi All,
Apologies for the delay in replying with screenshots.

Below is a screenshot of the Policy Order:

Below is a screenshot of the BypassIP conditions:
Cloudflare_BypassIP

Below is a screenshot of the Prompt conditions:
Cloudflare_Email

Below is a screenshot of the Access Policy assigned to the hostname:
Cloudflare_Tunnel Assignment

In theory, I believe this should allow traffic through that is from the IPs in the BypassIP Conditions, and if the connection doesn’t match, it should then prompt for an Email Address for the connection.

However, I might be misunderstanding how this should apply.

Regards,

Below is a screenshot of the Prompt conditions:

Below is a screenshot of the Access Policy assigned to the hostname:

Below is a screenshot of the BypassIP Conditions:

Apologies for the multiple replies, apparently as a new user you can only embed 1 image at a time.

Hello teparky,
Did you find a solution to this problem? I’m also having the same issue.