Skip to content

Commit

Permalink
PCX-13600 (#16871)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ranbel
ranbel authored Sep 26, 2024
1 parent 4e4c527 commit f49950d
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions ...dflare-one/connections/connect-networks/deploy-tunnels/tunnel-with-firewall.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ pcx_content_type: reference
title: Tunnel with firewall
sidebar:
order: 1
tableOfContents: false
---

You can implement a positive security model with Cloudflare Tunnel by blocking all ingress traffic and allowing only egress traffic from `cloudflared`. Only the services specified in your tunnel configuration will be exposed to the outside world.
Expand All @@ -19,6 +20,7 @@ The parameters below can be configured for egress traffic inside of a firewall.
| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---- | ------------------------ |
| `region1.v2.argotunnel.com` | `198.41.192.167`<br/> `198.41.192.67`<br/> `198.41.192.57`<br/> `198.41.192.107`<br/> `198.41.192.27`<br/> `198.41.192.7`<br/> `198.41.192.227`<br/> `198.41.192.47`<br/> `198.41.192.37`<br/> `198.41.192.77` | `2606:4700:a0::1`<br/> `2606:4700:a0::2`<br/> `2606:4700:a0::3`<br/> `2606:4700:a0::4`<br/> `2606:4700:a0::5`<br/> `2606:4700:a0::6`<br/> `2606:4700:a0::7`<br/> `2606:4700:a0::8`<br/> `2606:4700:a0::9`<br/> `2606:4700:a0::10` | 7844 | TCP/UDP (`http2`/`quic`) |
| `region2.v2.argotunnel.com` | `198.41.200.13`<br/> `198.41.200.193`<br/> `198.41.200.33`<br/> `198.41.200.233`<br/> `198.41.200.53`<br/> `198.41.200.63`<br/> `198.41.200.113`<br/> `198.41.200.73`<br/> `198.41.200.43`<br/> `198.41.200.23` | `2606:4700:a8::1`<br/> `2606:4700:a8::2`<br/> `2606:4700:a8::3`<br/> `2606:4700:a8::4`<br/> `2606:4700:a8::5`<br/> `2606:4700:a8::6`<br/> `2606:4700:a8::7`<br/> `2606:4700:a8::8`<br/> `2606:4700:a8::9`<br/> `2606:4700:a8::10` | 7844 | TCP/UDP (`http2`/`quic`) |
| `_v2-origintunneld._tcp.argotunnel.com`<sup>1</sup> | Not applicable | Not applicable | 7844 | TCP (`http2`) |
| `cftunnel.com`<sup>1</sup> | Not applicable | Not applicable | 7844 | TCP/UDP (`http2`/`quic`) |
| `h2.cftunnel.com`<sup>1</sup> | Not applicable | Not applicable | 7844 | TCP (`http2`) |
| `quic.cftunnel.com`<sup>1</sup> | Not applicable | Not applicable | 7844 | UDP (`quic`) |
Expand Down

0 comments on commit f49950d

Please sign in to comment.