Cloudflare Zero Trust

Connect private networks Configure Local Domain Fallback Configure Split Tunnels Traffic routing with WARP 1. Set up the client Create device enrollment rules Create device enrollment rules to determine which devices can enroll to Zero Trust organization. Set device enrollment permissions In Zero Trust, go to Settings > WARP Client > Device enrollment > Device enrollment permissions > Manage. Rules > Policies > Add a rule > Include > Selector > Emails ending in > Value > @ruru910.com. 2. Route private network IPs through WARP In Zero Trust, go to Settings > WARP Client > Device settings > Profile settings > Profile name > Default > Configure. Configure settings: Enabled: Captive portal detection, Mode switch, Allow device to leave organization, Allow updates. Service mode: Gateway with WARP. Local Domain Fallback > Manage > Domain > nas.ruru910.com. Split Tunnels: Exclude IPs and domains > Manage. Delete the IP range of nas.ruru910.com. 3. Filter network traffic with Gateway 1. Enable the Gateway proxy In Zero Trust, go to Settings > Network. Gateway Logging: Capture all. Firewall: Proxy(TCP, UDP, ICMP), WARP to WARP, AV inspection. 2. Create Zero Trust policies Go to Access > Applications > Add an application > Private Network > Application Type > Destination IP. For Value, enter the IP address for your application (for example, 10.128.0.7). Modify policy > identify > Selector > User Email > in > @ruru910.com.