Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Allow only Cloudflare IP's , doesn't work
« previous
next »
Print
Pages: [
1
]
Author
Topic: Allow only Cloudflare IP's , doesn't work (Read 2625 times)
nickro
Newbie
Posts: 5
Karma: 0
Allow only Cloudflare IP's , doesn't work
«
on:
August 22, 2020, 03:14:04 pm »
I have double NAT which is working , 443 is forwarded to NGINX which delivers some internal services.
ISP router provides 192.168.0.2 to WAN on OPNSense and the other network adapter on OPNSense is for local network 192.168.1.0/24
I created Alias with CF IPs from
https://www.cloudflare.com/ips/
, i also added GEOIP block rule. but it seems it doesn't block traffic. For example i can see my mobile phone accessing nginx from blocked address .
Now if i put Cloudflare IPs as an alias in NAT rule (mark as yellow) , traffic doesnt pass no matter if i am accessing via CLoudflare, so i had to add ALLOW ANY in SOURCES.
How can i secure my network so that only Cloudflare IPs are passed to NGINX on 443 .
Picture of FW rules
EDIT: CLoudflare CIDR was not correct
«
Last Edit: August 23, 2020, 01:10:00 am by nickro
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Allow only Cloudflare IP's , doesn't work