
Dear Team,

Can anyone tell me which domains or settings need to be bypassed in the DNS settings to log in to the Cloudflare WARP client successfully?

My Jamf Web Protection only has Internet Content Filtering enabled, so the macOS machine does not need Jamf Trust; it only needs the profile configuration and UEM Connect settings in place.

The issue is that when the DNS settings are disabled, I am able to log in to the Cloudflare WARP client.

If the DNS settings are enabled, I cannot log in to the Cloudflare WARP client and get the error message "CF_DNS_LOOKUP_FAILURE", and here is the solution:

  1. Verify that the network the user is on has DNS connectivity.
  2. Verify that DNS resolution works when WARP is disabled.
  3. Ensure that no third-party tools are interfering with WARP for control of DNS.
  4. Ensure that no third-party tools are performing TLS decryption on traffic to the WARP IP addresses.

I already tried bypassing these domains in the configuration profile, but it did not help:

<string>*.cloudflareclient.com</string>

<string>*.cloudflarestatus.com</string>

<string>*.cloudflareinsights.com</string>

<string>*.cloudflareaccess.com</string>

<string>*.cloudflare-gateway.com</string>

Thanks all

I'm having the same issue, have you found a solution so far?

I know this is late, but for future reference: this issue can be solved by editing the Jamf Protect Activation Config Profile you get in Jamf from Radar (Security Cloud). The profile has a DNS settings payload; click it, and on the right side you have a section called On-demand rules. Then, under the section DomainAction/NeverConnect/Domains, you need to add <string>connectivity-check.warp-svc</string> at the bottom of that list. Once you do that and redeploy the profile to your machine, WARP should connect.

<key>DomainAction</key>
<string>NeverConnect</string>
<key>Domains</key>
<array>
<string>connectivity-check.warp-svc</string>
</array>
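
A way to confirm the change before redeploying, as an added example that is not part of the original reply: this Python sketch parses an exported, unsigned .mobileconfig and checks (or adds) the `connectivity-check.warp-svc` entry in every NeverConnect domain list. The sample profile and the function names are constructed for illustration, and the key layout around DomainAction is assumed to follow Apple's DNS settings payload.

```python
import plistlib

REQUIRED = "connectivity-check.warp-svc"  # domain named in the reply above

# Constructed sample: a minimal unsigned DNS settings profile, not a real Jamf export.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>PayloadContent</key><array><dict>
  <key>PayloadType</key><string>com.apple.dnsSettings.managed</string>
  <key>OnDemandRules</key><array><dict>
    <key>Action</key><string>EvaluateConnection</string>
    <key>ActionParameters</key><array><dict>
      <key>DomainAction</key><string>NeverConnect</string>
      <key>Domains</key><array>
        <string>*.cloudflareclient.com</string>
      </array>
    </dict></array>
  </dict></array>
</dict></array>
</dict></plist>"""

def never_connect_lists(node):
    """Yield every Domains list that sits beside DomainAction=NeverConnect."""
    if isinstance(node, dict):
        if node.get("DomainAction") == "NeverConnect":
            yield node.setdefault("Domains", [])
        for value in node.values():
            yield from never_connect_lists(value)
    elif isinstance(node, list):
        for item in node:
            yield from never_connect_lists(item)

def has_exception(profile_bytes, domain=REQUIRED):
    """True if any NeverConnect list in the profile already contains the domain."""
    lists = list(never_connect_lists(plistlib.loads(profile_bytes)))
    return any(domain in domains for domains in lists)

def add_exception(profile_bytes, domain=REQUIRED):
    """Return a copy of the profile with the domain appended to each NeverConnect list."""
    profile = plistlib.loads(profile_bytes)
    for domains in never_connect_lists(profile):
        if domain not in domains:
            domains.append(domain)  # appended at the bottom, as the reply describes
    return plistlib.dumps(profile)

if __name__ == "__main__":
    print("before:", has_exception(SAMPLE_PROFILE))
    print("after: ", has_exception(add_exception(SAMPLE_PROFILE)))
```

A profile signed by the MDM server is CMS-wrapped and must be unwrapped before `plistlib` can read it.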

