WAF and CF ZERO Trust


I’m new using the Cloudflare WAF and CF ZERO Trust.

What i want to do:
Deny access from ip not coming from certain IP’s (ipv4 and ipv6) => for that part i know how to do it and it is functionning.

But for the denied i should want to redirect to the “CF ZERO Trust” to try to authenticate via pin code sended to an email of a user.
At CF ZERO Trust, i already configured a authentication mechanism wich send email for pin code to be encoded to grant access but the IP is not listed in the authorized ip’s.

Someone know a manner to do so ?
DENied IP’s => authentication with pin code
ALLOWED IP’s=>no authentication mechanism necessary (from Cloudflare)

Best regards,

2 Access policies for the application.

First one to allow an IP range… generally not something I’d recommend, but it’s what you’re trying to do so :person_shrugging:

Second one to require OTP with allowed addresses.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.