[Gateway] CIDR ranges for FQDN selectors in split tunnel/warp-to-warp (#26242)

Maddy-Cloudflare · marciocloudflare · web-flow · commit 79d43a46553c · 2025-11-03T14:17:02.000Z
* [Gateway] CIDR ranges for FQDN selectors in split tunnel/warp-to-warp

* Apply suggestions from code review

Co-authored-by: marciocloudflare &lt;83226960+marciocloudflare@users.noreply.github.com&gt;

---------

Co-authored-by: marciocloudflare &lt;83226960+marciocloudflare@users.noreply.github.com&gt;
diff --git a/src/content/docs/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/warp-to-warp.mdx b/src/content/docs/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/warp-to-warp.mdx
@@ -34,8 +34,16 @@ This guide covers how to:
 3. Enable **Allow WARP to WARP connection**. This allows Cloudflare to route traffic to the <GlossaryTooltip term="CGNAT IP">CGNAT IP</GlossaryTooltip> space.
 4. In your [Split Tunnel configuration](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/), ensure that traffic to `100.96.0.0/12` is going through WARP:
 
-- If using **Exclude** mode, delete `100.64.0.0/10` from the list and re-add `100.64.0.0/11` and `100.112.0.0/12`.
-- If using **Include** mode, add `100.96.0.0/12` to your list.
+- If using **Exclude** mode, delete `100.64.0.0/10` from the list and add the following IP addresses:
+  
+  - `100.64.0.0/12`
+  - `100.81.0.0/16`
+  - `100.82.0.0/15`
+  - `100.84.0.0/14`
+  - `100.88.0.0/13`
+  - `100.112.0.0/12`
+
+- If using **Include** mode, add `100.96.0.0/12` and `100.80.0.0/16` to your list.
 
 This will instruct WARP to begin proxying any traffic destined for a `100.96.0.0/12` IP address to Cloudflare for routing and policy enforcement.
 
diff --git a/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx b/src/content/docs/cloudflare-one/traffic-policies/egress-policies/host-selectors.mdx
@@ -102,11 +102,13 @@ To configure your Zero Trust organization to use Host selectors with Egress poli
 			- `100.82.0.0/15`
 			- `100.84.0.0/14`
 			- `100.88.0.0/13`
-			- `100.96.0.0/11`
+			- `100.112.0.0/12`
+			
+			And remove `100.64.0.0/10` IP address.
 
     </TabItem> <TabItem label="Include IPs and domains">
 		1.  Add the required [Zero Trust domains](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#cloudflare-zero-trust-domains) or [IP addresses](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#cloudflare-zero-trust-ip-addresses) to your Split Tunnel include list.
-		2.  [Add a route](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to include the IP address `100.80.0.0/16`.
+		2.  [Add a route](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to include `100.80.0.0/16` and `100.96.0.0/12` IP addresses.
 
     </TabItem> </Tabs>
 
