self hosted app warp access policy not being enforced and warp=off is on all my devices
hello, i have a self hosted app with warp acces policy but even when im connected to warp with gateway + zero trsut and my tunnel dns is configured i cant access the websites. the website says access forbidden even when im connected to zero trust. thank you!
2 Replies
Support AI
I'd be happy to help you troubleshoot the issue.
Based on the documentation, I found a few potential causes for the "Access Forbidden" error:
1. Gateway firewall policy is blocking traffic: A misconfigured Gateway firewall policy can result in traffic to some or all sites being restricted. To troubleshoot this, try disabling all DNS, Network, and HTTP policies and see if the issue persists. If it does, slowly re-enable your policies to identify the problematic one. (Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/troubleshooting/common-issues/)
2. Device does not have a root certificate installed: If the root CA is not installed on the device, you will see untrusted certificate warnings on every website. Make sure to install a Cloudflare certificate on all of your devices or upload your own certificate to Cloudflare. (Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/troubleshooting/common-issues/)
3. Third-party security product is interfering with Gateway: WARP does not allow third-party DLP or proxy services to perform TLS decryption on traffic sent to Gateway. Check if a third-party security product is interfering with Gateway and disable HTTPS inspection and TLS decryption for the WARP IP addresses if necessary. (Source: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/troubleshooting/common-issues/)
To further troubleshoot the issue, can you please provide more information about your setup, such as:
* How is your self-hosted app configured?
* What is the exact error message you're seeing?
* Have you checked the Gateway Network logs for any relevant errors?
This will help me provide a more specific solution to your problem.
Sources
This is an AI generated response, it may not be 100% accurate. Please validate the output. You can ask followups by replying to this message or mentioning me.
i have an app one's private net the other one where i have my policy set with my web addresses is self hosted, ive not found a solution and im open to other possible solutions so that i can get it working