Cloudflare and Access Policies

Hi,

I have configured a Cloudflare tunnel against my Home Assistant configuration, and that seems to work OK. I use Home Assistant mainly internally and on my mobile phone when I am remote. So for remote access I only need to have access to HA from 2 or 3 Android devices.
Now because I only use the tunnel, I do not think this is very secure. At an earlier stage I had port 8123 opened on my firewall (I know, port forwarding), but I was using IDS / IPS and a region block on it. I saw that many requests were denied. Besides this, HA and all IoT devices are sitting in a separate VLAN, and of course HA has MFA enabled…
Now with Cloudflare it is running on port 443 using the tunnel, and I am not quite sure how effective this is or about the amount of data that Cloudflare forwards to my HA.

So I want to have it more secure, and for this reason I was looking at Access Policies within Cloudflare. I do not want to use a VPN on my mobile, because I want my wife to use it as well, and she will not be using that. MFA is OK, but no VPN. But when I try something with Access Policies within Cloudflare, the Companion App does not seem to work remotely.
I also use the Companion App mainly in my house, but that is detected OK.

I mainly need remote access for the Companion App, but I do not see a configuration with the Cloudflare Access Policies where I can create an additional authentication layer for my purpose. Also, a Security Rule where I do a geoblock gives an error with the Companion App.
So I was wondering how everyone is using Cloudflare in combination with the Companion App and what the Access Policies look like! Or is this it, with only a tunnel?

Thanks in advance!