From f49950d0e41f5c6c478a5db70660145beb3f028a Mon Sep 17 00:00:00 2001
From: ranbel <101146722+ranbel@users.noreply.github.com>
Date: Thu, 26 Sep 2024 11:47:51 -0400
Subject: [PATCH] PCX-13600 (#16871)
---
.../connect-networks/deploy-tunnels/tunnel-with-firewall.mdx | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/content/docs/cloudflare-one/connections/connect-networks/deploy-tunnels/tunnel-with-firewall.mdx b/src/content/docs/cloudflare-one/connections/connect-networks/deploy-tunnels/tunnel-with-firewall.mdx
index 686ddf230740c54..16d9512ea66262e 100644
--- a/src/content/docs/cloudflare-one/connections/connect-networks/deploy-tunnels/tunnel-with-firewall.mdx
+++ b/src/content/docs/cloudflare-one/connections/connect-networks/deploy-tunnels/tunnel-with-firewall.mdx
@@ -3,6 +3,7 @@ pcx_content_type: reference
title: Tunnel with firewall
sidebar:
order: 1
+tableOfContents: false
---
You can implement a positive security model with Cloudflare Tunnel by blocking all ingress traffic and allowing only egress traffic from `cloudflared`. Only the services specified in your tunnel configuration will be exposed to the outside world.
@@ -19,6 +20,7 @@ The parameters below can be configured for egress traffic inside of a firewall.
| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---- | ------------------------ |
| `region1.v2.argotunnel.com` | `198.41.192.167`
`198.41.192.67`
`198.41.192.57`
`198.41.192.107`
`198.41.192.27`
`198.41.192.7`
`198.41.192.227`
`198.41.192.47`
`198.41.192.37`
`198.41.192.77` | `2606:4700:a0::1`
`2606:4700:a0::2`
`2606:4700:a0::3`
`2606:4700:a0::4`
`2606:4700:a0::5`
`2606:4700:a0::6`
`2606:4700:a0::7`
`2606:4700:a0::8`
`2606:4700:a0::9`
`2606:4700:a0::10` | 7844 | TCP/UDP (`http2`/`quic`) |
| `region2.v2.argotunnel.com` | `198.41.200.13`
`198.41.200.193`
`198.41.200.33`
`198.41.200.233`
`198.41.200.53`
`198.41.200.63`
`198.41.200.113`
`198.41.200.73`
`198.41.200.43`
`198.41.200.23` | `2606:4700:a8::1`
`2606:4700:a8::2`
`2606:4700:a8::3`
`2606:4700:a8::4`
`2606:4700:a8::5`
`2606:4700:a8::6`
`2606:4700:a8::7`
`2606:4700:a8::8`
`2606:4700:a8::9`
`2606:4700:a8::10` | 7844 | TCP/UDP (`http2`/`quic`) |
+| `_v2-origintunneld._tcp.argotunnel.com`1 | Not applicable | Not applicable | 7844 | TCP (`http2`) |
| `cftunnel.com`1 | Not applicable | Not applicable | 7844 | TCP/UDP (`http2`/`quic`) |
| `h2.cftunnel.com`1 | Not applicable | Not applicable | 7844 | TCP (`http2`) |
| `quic.cftunnel.com`1 | Not applicable | Not applicable | 7844 | UDP (`quic`) |