iis cloudflare url-rewrite-module requestfiltering

Cloudflare - IIS Request Filtering / URL Rewrite: Allow requests if a custom header (CF-Connecting-IP) contains a value (Specific IP)


I have a situation where I want to limit access to a website to only when the users are connected to the VPN. But the problem is that Cloudflare sends the request from a different IP rather than the actual customer IP. After searching, I got to know that Cloudflare sends the customer IP in the CF-Connecting-IP header.

Now, I want to filter my request in IIS using this. I tried Request filtering and URL rewrite but it seems I am not able to configure it correctly.

If anyone knows how to achieve it, please help.

Thank You


Solution

  • I found it using URL Rewrite rule.

    What I did is as follows:

    1. Add a new Blank Rule.
    2. In the Match URL section -> Requested URL: Matches the pattern -> Using: Regular Expression -> Pattern: (.*)
    3. In the conditions section -> Add a new rule -> Input: {ALL_HTTP} -> Check if input string: Does not match the pattern -> Pattern: HTTP_CF_CONNECTING_IP:\b(1\.2\.3\.4|ip2|ip3)\b
    4. In Action section -> Action Type: Abort Request

    After applying this, every non-authenticated server will get a 520 error, and of course you can change the expression as needed.

    Hope this helps someone.
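
The rule from the steps above written as a web.config fragment, as an added example that is not part of the original answer. The rule names are made up, ip2 and ip3 remain the answer's placeholders, and the second, disabled rule is an assumed stricter variant that reads the {HTTP_CF_CONNECTING_IP} server variable and anchors the match; either form assumes the origin accepts traffic only from Cloudflare, since the header is otherwise client-supplied.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <!-- Rule as described in the answer: abort every request whose
             header block does not carry an allowed CF-Connecting-IP.
             1.2.3.4, ip2 and ip3 are placeholders for the VPN egress IPs. -->
        <rule name="Allow only VPN IPs (ALL_HTTP)" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{ALL_HTTP}"
                 pattern="HTTP_CF_CONNECTING_IP:\b(1\.2\.3\.4|ip2|ip3)\b"
                 negate="true" />
          </conditions>
          <action type="AbortRequest" />
        </rule>

        <!-- Assumed stricter variant, disabled here: test only the value of
             the CF-Connecting-IP header, anchored at both ends, instead of
             searching the whole header block for the pattern. -->
        <rule name="Allow only VPN IPs (single header)" enabled="false" stopProcessing="true">
          <match url="(.*)" />
          <conditions>
            <add input="{HTTP_CF_CONNECTING_IP}"
                 pattern="^(1\.2\.3\.4|ip2|ip3)$"
                 negate="true" />
          </conditions>
          <action type="AbortRequest" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
```

Enable only one of the two rules at a time; both use negate="true" so that the abort action fires when the allow-list pattern does not match.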