Tunnel - Restrict Users


Recently created first tunnel. Working well. How do I restrict which users have access to the it?

For instance, its a server that only 2 users should be routing to. Rest of the users who connect via WARP client, shouldn’t be able to route to the server.

Thank you.


You should be able to create a gateway rule for this. From the Cloudflare for teams dashboard go to Gateway → Polices
From there click create a new rule and then create a rule similar to this (adjust if needed)

This example will block all connections to when the user email is not [email protected]. Change resolved IP to domain if needed etc.

Hope this helps


Thank you. I shall try this. Managed to get down to user restrict via say email, missed the resolved IP - thought it wasn’t an option.

I’ll report back shortly.

Assume this is a DNS based rule, as opoosed to the others?

Notice you have used blocked first. Assume cloudflare default action is to allow unless specified in policies?

As I have alot of users, wondering if I create a rule that blocks access as default UNLESS users are xyz. The rule doesn’t allow an OR statement though, so not sure if thats an option.

Think I’ve managed to do it.


Desntination IP is (example)
User Email / Not in List / abc123

Ah yeah it will most likely be a Network Policy not a DNS policy but should follow those general rules.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.