You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-with-firewall.mdx
+7Lines changed: 7 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -8,6 +8,13 @@ tableOfContents: false
8
8
9
9
You can implement a positive security model with Cloudflare Tunnel by blocking all ingress traffic and allowing only egress traffic from `cloudflared`. Only the services specified in your tunnel configuration will be exposed to the outside world.
10
10
11
+
How you configure your firewall depends on the firewall type:
12
+
13
+
- If your firewall supports domain-based rules (FQDN allowlists), you can allow outbound connections to the hostnames listed below.
14
+
- If your firewall requires IP-based rules, allow outbound connections to all listed IP addresses for each domain.
15
+
16
+
Ensure port `7844` is allowed for both TCP and UDP protocols (for `http2` and `quic`).
17
+
11
18
## Ports
12
19
13
20
The parameters below can be configured for egress traffic inside of a firewall.
0 commit comments