[MWAN] Improved clarity on cloudflared content (cloudflare#26648)

* refined text

* refined content

* refined text

* refined text

* Update src/content/partials/networking-services/magic-wan/zero-trust/tunnel.mdx

Co-authored-by: Pedro Sousa <[email protected]>

---------

Co-authored-by: Pedro Sousa <[email protected]>

Author: marciocloudflare

src/content/partials/networking-services/magic-wan/zero-trust/tunnel.mdx

@@ -8,25 +8,29 @@ params:
 
 import { Render } from "~/components"
 
-Magic WAN can be used together with <a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/">Cloudflare Tunnel</a> for easy access between your networks and applications.
+Magic WAN can work together with <a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/">Cloudflare Tunnel</a> to provide easy access between your networks and applications.
 
-By default, TCP, UDP, and ICMP traffic routed through Magic WAN tunnels and destined to routes behind Cloudflare Tunnel will be proxied/filtered through <a href={props.gatewayURL}>Cloudflare Gateway</a>.
+By default, TCP, UDP, and ICMP traffic routed through Magic WAN tunnels and destined to routes behind Cloudflare Tunnel is proxied and filtered through <a href={props.gatewayURL}>Cloudflare Gateway</a>.
 
-## Cloudflare Tunnel and Magic Networking Route interactions
+## Route evaluation and precedence
 
-<a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/cloudflared/">Private network routes</a> are evaluated together across Cloudflare Tunnel and Magic Networking routing tables. If traffic matches either a Cloudflare Tunnel route (in any virtual network) or a Magic Networking route, then the matched route will determine the next-hop.
+<a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/cloudflared/">Private network routes</a> are evaluated together across the Cloudflare Tunnel and Magic Networking routing tables. If traffic matches either a Cloudflare Tunnel route (in any virtual network) or a Magic Networking route, the matched route determines the next hop.
 
-To design solutions where a destination IP may match both a Cloudflare Tunnel private network route and a Magic Networking route, consult your solutions engineer for guidance.
+When a destination IP matches both a Cloudflare Tunnel private network route and a Magic Networking route, Cloudflare Tunnel takes precedence. This happens whenever a `cloudflared` tunnel CIDR matches a packet, regardless of prefix length. For example, a `cloudflared` tunnel with prefix `10.1.2.0/24` takes precedence over a static route configured to `10.1.2.4/32`, and Cloudflare sends packets over the tunnel instead of a GRE tunnel.
 
-## Test `cloudflared` tunnel integration
+For complex deployments where you need overlapping routes in both Cloudflare Tunnel and Magic Networking, consult your Solutions Engineering team for guidance.
+
+For more information about private network routes with `cloudflared`, refer to <a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/cloudflared/">Connect with cloudflared</a>.
 
-To check if a `cloudflared` tunnel is working properly with your Magic WAN connection, open a browser from a host behind your customer premise equipment, and browse to the `cloudflared` tunnel endpoint.
+## Test `cloudflared` tunnel integration
 
-For example, imagine you have a Cloudflare Tunnel set up with a private network CIDR of `10.1.2.3/32`, a static route defined in Magic WAN for `10.1.2.3/24`, and the device you are trying to connect to is a web server. You can test connectivity to the web server by using a browser to load `https://10.1.2.3`. If the page loads correctly, your Cloudflare Tunnel is working properly. In this scenario, you have overlapping routes defined for Cloudflare Tunnel and Magic WAN.
+To verify that a `cloudflared` tunnel works correctly with your Magic WAN connection:
 
-As mentioned above, if you have overlapping routes in your Magic WAN and Cloudflare Tunnel routing configurations, Cloudflare Tunnel will take precedence. This happens whenever a `cloudflared` tunnel CIDR matches a packet, regardless of prefix length. For example, a `cloudflared` tunnel with prefix `10.1.2.0/24` will take precedence over a static route configured to `10.1.2.4/32`, sending packets over a GRE tunnel.
+1. From a host behind your customer premises equipment, open a browser.
+2. Browse to an IP address or hostname that is reachable through a Cloudflare Tunnel private network route, such as the example destination `10.1.2.3`.
+3. Confirm that the application loads as expected.
 
-For more information, refer to <a href="/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/cloudflared/">Connect private networks</a>.
+If the application loads correctly, Cloudflare Tunnel is handling the traffic as configured.
 
 <Render
 	file="traceroute"
@@ -37,3 +41,4 @@ For more information, refer to <a href="/cloudflare-one/networks/connectors/clou
 		tracerouteURL: props.tracerouteURL
 		}}
 	/>
+