diff --git a/src/content/docs/magic-transit/how-to/configure-tunnels.mdx b/src/content/docs/magic-transit/how-to/configure-tunnels.mdx
index 4eeb25352adce96..207ecc83464205b 100644
--- a/src/content/docs/magic-transit/how-to/configure-tunnels.mdx
+++ b/src/content/docs/magic-transit/how-to/configure-tunnels.mdx
@@ -58,8 +58,9 @@ import { GlossaryTooltip, Render } from "~/components";
healthCheck: "/magic-transit/how-to/tunnel-health-checks/",
productPathProbe: "/magic-transit/reference/tunnel-health-checks/",
antiReplayPagePath: "/magic-transit/reference/anti-replay-protection/",
- BiVsUniHealthCheck: "unidirectional",
+ biVsUniHealthCheck: "unidirectional",
tunnelHealthDash: "/magic-transit/how-to/check-tunnel-health-dashboard/",
+ biVsUniHealthCheckDefaults: "For Magic Transit this option defaults to unidirectional"
}}
/>
diff --git a/src/content/docs/magic-wan/configuration/manually/how-to/configure-tunnels.mdx b/src/content/docs/magic-wan/configuration/manually/how-to/configure-tunnels.mdx
index 6e89eb8314b82c9..42f59e770b6236f 100644
--- a/src/content/docs/magic-wan/configuration/manually/how-to/configure-tunnels.mdx
+++ b/src/content/docs/magic-wan/configuration/manually/how-to/configure-tunnels.mdx
@@ -63,13 +63,12 @@ import { GlossaryTooltip, Render } from "~/components";
params={{
productName: "Magic WAN",
productPathDash: "Magic WAN > Configuration",
- healthCheck:
- "/magic-wan/configuration/common-settings/tunnel-health-checks/",
+ healthCheck: "/magic-wan/configuration/common-settings/tunnel-health-checks/",
productPathProbe: "/magic-wan/reference/tunnel-health-checks/",
antiReplayPagePath: "/magic-wan/reference/anti-replay-protection/",
- BiVsUniHealthCheck: "bidirectional",
- tunnelHealthDash:
- "/magic-wan/configuration/common-settings/check-tunnel-health-dashboard/",
+ biVsUniHealthCheck: "bidirectional",
+ tunnelHealthDash: "/magic-wan/configuration/common-settings/check-tunnel-health-dashboard/",
+ biVsUniHealthCheckDefaults: "For Magic WAN this option defaults to bidirectional"
}}
/>
diff --git a/src/content/partials/magic-transit/tunnel-endpoints/add-tunnels.mdx b/src/content/partials/magic-transit/tunnel-endpoints/add-tunnels.mdx
index 831b987136cb00d..a313e0a803833e9 100644
--- a/src/content/partials/magic-transit/tunnel-endpoints/add-tunnels.mdx
+++ b/src/content/partials/magic-transit/tunnel-endpoints/add-tunnels.mdx
@@ -5,11 +5,12 @@ params:
- healthCheck
- productPathProbe
- antiReplayPagePath
- - BiVsUniHealthCheck
+ - biVsUniHealthCheck
- tunnelHealthDash
+ - biVsUniHealthCheckDefaults
---
-import { Details, Markdown, Render, TabItem, Tabs } from "~/components";
+import { APIRequest, CURL, Details, Markdown, Render, TabItem, Tabs } from "~/components";
@@ -81,131 +82,243 @@ import { Details, Markdown, Render, TabItem, Tabs } from "~/components";
-Create a `POST` request [using the API](/api/resources/magic_transit/subresources/gre_tunnels/methods/create/) to create a GRE tunnel. You will need your [API Key](/fundamentals/api/get-started/keys/#view-your-global-api-key).
+Create a `POST` request [using the API](/api/resources/magic_transit/subresources/gre_tunnels/methods/create/) to create a GRE tunnel.
-Example:
+",
+ "description": "",
+ "interface_address": "",
+ "cloudflare_gre_endpoint": "",
+ "customer_gre_endpoint": ""
+ }}
+/>
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/magic/gre_tunnels \
---header "X-Auth-Email: " \
---header "X-Auth-Key: " \
---header "Content-Type: application/json" \
---data '{
- "gre_tunnels": [
+```json output
+{
+ "errors": [
{
- "name": "",
- "description": "",
- "interface_address": "",
- "cloudflare_gre_endpoint": "",
- "customer_gre_endpoint": ""
+ "code": 1000,
+ "message": "message"
+ }
+ ],
+ "messages": [
+ {
+ "code": 1000,
+ "message": "message"
}
- ]
-}'
+ ],
+ "result": {
+ "gre_tunnels": [
+ {
+ "cloudflare_gre_endpoint": "",
+ "customer_gre_endpoint": "",
+ "interface_address": "",
+ "name": "",
+ "description": "",
+ "health_check": {
+ "direction": "unidirectional",
+ "enabled": true,
+ "rate": "low",
+ "type": "reply"
+ },
+ "mtu": 0,
+ "ttl": 0
+ }
+ ]
+ },
+ "success": true
+}
```
-1. Create a `POST` request [using the API](/api/resources/magic_transit/subresources/ipsec_tunnels/methods/create/) to create an IPsec tunnel. You will need your [API Key](/fundamentals/api/get-started/keys/#view-your-global-api-key).
-
-Note that in example below, replay protection is disabled by default. You can enable it with the flag `"replay_protection": true` for each IPsec tunnel, if the devices you use do not support disabling this feature. If you have already created IPsec tunnels, update them with a [`PUT` request](https://developers.cloudflare.com/api/resources/magic_transit/subresources/ipsec_tunnels/methods/update/).
Refer to Anti-replay protection for more information on this topic.
-
-Example:
-
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/magic/ipsec_tunnels \
---header "X-Auth-Email: " \
---header "X-Auth-Key: " \
---header "Content-Type: application/json" \
---data '{
- "ipsec_tunnels": [
- {
- "name": "",
- "description": "",
- "interface_address": "",
- "cloudflare_endpoint": "",
- "customer_endpoint": "",
- "replay_protection": false
- }
- ]
-}'
-```
-
-```json output
-{
- "result": {
- "ipsec_tunnels": [
+1. Create a `POST` request [using the API](/api/resources/magic_transit/subresources/ipsec_tunnels/methods/create/) to create an IPsec tunnel.
+
+ Note that in example below, replay protection is disabled by default. You can enable it with the flag `"replay_protection": true` for each IPsec tunnel, if the devices you use do not support disabling this feature. If you have already created IPsec tunnels, update them with a [`PUT` request](/api/resources/magic_transit/subresources/ipsec_tunnels/methods/update/). Refer to Anti-replay protection for more information on this topic.
+
+ ",
+ "description": "",
+ "interface_address": "",
+ "cloudflare_endpoint": "",
+ "customer_endpoint": ""
+ }}
+ />
+
+ ```json output
+ {
+ "errors": [
{
- "id": "",
- "interface_address": "",
- "created_on": "2023-04-21T10:42:22.138586Z",
- "modified_on": "2023-04-21T10:42:22.138586Z",
- "name": "",
- "cloudflare_endpoint": "",
- "customer_endpoint": "",
- "remote_identities": {
- "hex_id": "",
- "fqdn_id": ".ipsec.cloudflare.com",
- "user_id": "ipsec@.ipsec.cloudflare.com"
- },
- "description": " test",
- "health_check": {
- "enabled": true,
- "target": "",
- "type": "reply",
- "rate": "mid"
+ "code": 1000,
+ "message": "message"
+ }
+ ],
+ "messages": [
+ {
+ "code": 1000,
+ "message": "message"
+ }
+ ],
+ "result": {
+ "ipsec_tunnels": [
+ {
+ "id": "",
+ "interface_address": "",
+ "name": "",
+ "cloudflare_endpoint": "",
+ "customer_endpoint": "",
+ "description": "",
+ "health_check": {
+ "direction": "unidirectional",
+ "enabled": true,
+ "rate": "low",
+ "type": "reply"
+ },
+ "psk_metadata": {},
+ "replay_protection": false
}
+ ]
+ },
+ "success": true
+ }
+ ```
+
+ Take note of the tunnel `id` value. We will use it to generate a pre-shared key (PSK).
+
+2. Create a `POST` [request](/api/resources/magic_transit/subresources/ipsec_tunnels/methods/psk_generate/) to generate a PSK. Use the tunnel `id` value you received from the previous command.
+
+
+
+ ```json output
+ {
+ "result": {
+ "ipsec_id": "",
+ "ipsec_tunnel_id": "",
+ "psk": "",
+ "psk_metadata": {
+ "last_generated_on": "2025-03-13T14:28:47.054317925Z"
}
- ]
- },
- "success": true,
- "errors": [],
- "messages": []
-}
-```
+ },
+ "success": true,
+ "errors": [],
+ "messages": []
+ }
+ ```
-2. Create a `POST` request to generate a PSK. Use the tunnel `id` you received from the previous command (exemplified by `` above):
+ Take note of your `psk` value.
-```bash
-curl --request POST \
-https://api.cloudflare.com/client/v4/accounts/{account_id}/magic/ipsec_tunnels/{your_tunnel_id}/psk_generate \
---header "X-Auth-Email: " \
---header "X-Auth-Key: "
-```
+3. Create a `PUT` [request](/api/resources/magic_transit/subresources/ipsec_tunnels/methods/update/) to update your IPsec tunnel with the PSK.
+
+ "
+ }}
+ />
```json output
{
- "result": {
- "ipsec_id": "",
- "ipsec_tunnel_id": "",
- "psk": "",
- "psk_metadata": {
- "last_generated_on": "2023-04-21T10:48:15.953887008Z"
- }
- },
- "success": true,
- "errors": [],
- "messages": []
+ "result": {
+ "modified": true,
+ "modified_ipsec_tunnel": {
+ "id": "",
+ "interface_address": "",
+ "created_on": "2025-03-13T14:28:21.139535Z",
+ "modified_on": "2025-03-13T14:33:26.09683Z",
+ "name": "",
+ "cloudflare_endpoint": "",
+ "customer_endpoint": "",
+ "remote_identities": {
+ "hex_id": "",
+ "fqdn_id": "",
+ "user_id": ""
+ },
+ "psk_metadata": {
+ "last_generated_on": "2025-03-13T14:28:47.054318Z"
+ },
+ "description": "",
+ "health_check": {
+ "enabled": true,
+ "target": "",
+ "type": "reply",
+ "rate": "mid",
+ "direction": "unidirectional"
+ }
+ }
+ },
+ "success": true,
+ "errors": [],
+ "messages": []
}
```
-3. Use the above `psk` value to configure the IPsec tunnel on your equipment. You do not need to take further action to use the PSK on Cloudflare's side, as this value is automatically set.
+4. Use the `psk` value from step 3 to configure the IPsec tunnel on your equipment as well.
-Bidirectional health checks are available for GRE and IPsec tunnels. For Magic WAN this option defaults to bidirectional, while for Magic Transit it defaults to unidirectional.
+Bidirectional health checks are available for GRE and IPsec tunnels. {props.biVsUniHealthCheckDefaults}.
-You can enable bidirectional health checks via the API with `--data '{"health_check": {"direction": "bidirectional"}}'`. For example:
+You can change this setting via the API with `"bidirectional"` or `"unidirectional"`:
-```bash
-curl https://api.cloudflare.com/client/v4/accounts/{account_id}/magic/ipsec_tunnels \
---header "X-Auth-Email: " \
---header "X-Auth-Key: " \
---header "Content-Type: application/json" \
---data '{"health_check": {"direction": "bidirectional"}}'
+
+
+```json output
+{
+ "result": {
+ "modified": true,
+ "modified_ipsec_tunnel": {
+ "id": "",
+ "interface_address": "",
+ "created_on": "2025-03-13T14:28:21.139535Z",
+ "modified_on": "2025-03-13T14:33:26.09683Z",
+ "name": "",
+ "cloudflare_endpoint": "",
+ "customer_endpoint": "",
+ "remote_identities": {
+ "hex_id": "",
+ "fqdn_id": "",
+ "user_id": ""
+ },
+ "psk_metadata": {
+ "last_generated_on": "2025-03-13T14:28:47.054318Z"
+ },
+ "description": "",
+ "health_check": {
+ "enabled": true,
+ "target": "",
+ "type": "reply",
+ "rate": "mid",
+ "direction": "bidirectional"
+ }
+ }
+ },
+ "success": true,
+ "errors": [],
+ "messages": []
+}
```
diff --git a/src/content/partials/magic-transit/tunnel-health/update-tunnel-health-checks-frequency.mdx b/src/content/partials/magic-transit/tunnel-health/update-tunnel-health-checks-frequency.mdx
index 4ca32c025eb09ce..2510c2b91d6792f 100644
--- a/src/content/partials/magic-transit/tunnel-health/update-tunnel-health-checks-frequency.mdx
+++ b/src/content/partials/magic-transit/tunnel-health/update-tunnel-health-checks-frequency.mdx
@@ -6,7 +6,7 @@ params:
- addTunnelsPath
---
-import {AnchorHeading, GlossaryTooltip, Markdown, TabItem, Tabs } from "~/components";
+import { CURL, AnchorHeading, GlossaryTooltip, Markdown, TabItem, Tabs } from "~/components";
By default, Cloudflare servers send health checks to each GRE, CNI, or IPsec tunnel endpoint you configure to receive traffic from {props.productName}.
@@ -47,16 +47,17 @@ You can adjust the health check frequency by updating your [GRE](/api/resources/
Below is an example of how to adjust tunnel health check frequency to `low`. Note that this command applies to GRE, IPsec and CNI tunnels:
-```bash
-curl --request PUT \
-https://api.cloudflare.com/client/v4/accounts/{account_id}/magic/gre_tunnels/{tunnel_id} \
---header "X-Auth-Email: " \
---header "X-Auth-Key: " \
---header "Content-Type: application/json" \
---data '{
- "health_check": {"rate":"low"}
-}'
-```
+
+