CF Tunnel - AWS Security group

I have CF tunnel implemented which only allows SSH access to the allowed CIDR. In the same CIDR, I also have a GitLab running on public IP. When connected to CF tunnel, I can only access it on port 443 when I allow 0.0.0.0/0 in the security group. I thought maybe I need to allow certain IPs/prefixes provided by CF so I added all the prefixes from https://www.cloudflare.com/ips/ but I still can't access GitLab. When I check the logs I am seeing 104.28.220.197, which is a Cloudflare IP. My question is: how do I determine which IP Cloudflare uses when connected to the tunnel so that I can just whitelist a single IP?
2 Replies
Hard@Work, 4mo ago
The Tunnel should connect with the IP of the machine it is running on, not a Cloudflare IP.
Ajinkya (OP), 4mo ago
On the tunnel > connectors, I see a 54.69.x.x IP. My own public IP is 49.x.x.x, but in the logs for GitLab I see 104.28.220.197.