diff --git a/src/content/partials/cloudflare-one/access/access-block-page.mdx b/src/content/partials/cloudflare-one/access/access-block-page.mdx index 6184c4944de3c5..cf2c7dc89797a3 100644 --- a/src/content/partials/cloudflare-one/access/access-block-page.mdx +++ b/src/content/partials/cloudflare-one/access/access-block-page.mdx @@ -7,4 +7,4 @@ Under **Block page**, choose what end users will see when they are denied access * **Cloudflare default**: Reload the [login page](/cloudflare-one/reusable-components/custom-pages/access-login-page/) and display a block message below the Cloudflare Access logo. The default message is `That account does not have access`, or you can enter a custom message. * **Redirect URL**: Redirect to the specified website. -* **Custom page template**: Display a [custom block page](/cloudflare-one/reusable-components/custom-pages/access-block-page/) hosted in Zero Trust. +* **Custom page template**: Display a [custom block page](/cloudflare-one/reusable-components/custom-pages/access-block-page/) hosted in Cloudflare One. diff --git a/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx b/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx index 250c01c0867128..9f4e07530cfec2 100644 --- a/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx +++ b/src/content/partials/cloudflare-one/access/add-infrastructure-app.mdx @@ -13,7 +13,7 @@ import { -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Select **Add an application**. 3. Select **Infrastructure**. 4. Enter any name for the application. diff --git a/src/content/partials/cloudflare-one/access/add-mtls-cert.mdx b/src/content/partials/cloudflare-one/access/add-mtls-cert.mdx index f9523bbea67e1f..caf3fa6187e6e5 100644 --- a/src/content/partials/cloudflare-one/access/add-mtls-cert.mdx +++ b/src/content/partials/cloudflare-one/access/add-mtls-cert.mdx @@ -3,7 +3,7 @@ params: - product --- -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Service auth** > **Mutual TLS**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Service credentials** > **Mutual TLS**. 2. Select **Add mTLS Certificate**. diff --git a/src/content/partials/cloudflare-one/access/add-target.mdx b/src/content/partials/cloudflare-one/access/add-target.mdx index 78247f9c4655dd..51c02dd8617274 100644 --- a/src/content/partials/cloudflare-one/access/add-target.mdx +++ b/src/content/partials/cloudflare-one/access/add-target.mdx @@ -16,7 +16,7 @@ To create a new target:

) : -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Networks** > **Targets**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Targets**. 2. Select **Add a target**. 3. In **Target hostname**, enter a user-friendly name for the target. We recommend using the server hostname, for example `production-server`. The target hostname does not need to be unique and can be reused for multiple targets. Hostnames are used to define the targets secured by an Access application; they are not used for DNS address resolution.
diff --git a/src/content/partials/cloudflare-one/access/app-launcher.mdx b/src/content/partials/cloudflare-one/access/app-launcher.mdx index 14ea0928efb94f..c0a6b8483b9e55 100644 --- a/src/content/partials/cloudflare-one/access/app-launcher.mdx +++ b/src/content/partials/cloudflare-one/access/app-launcher.mdx @@ -18,25 +18,25 @@ By default, the App Launcher is disabled. To enable it, you must configure a pol To enable the App Launcher: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Access settings**. -2. Under the **App Launcher** card, select **Manage**. +2. Under the **Manage your App Launcher** card, select **Manage**. -3. On the **Rules** tab, [build a rule](/cloudflare-one/access-controls/policies/) to define who can access your App Launcher portal. These rules do not impact permissions for the applications secured behind Access. +3. On the **Policies** tab, [build a policy](/cloudflare-one/access-controls/policies/) to define who can access your App Launcher portal. These rules do not impact permissions for the applications secured behind Access. 4. On the **Authentication** tab, choose the identity providers users can authenticate with. 5. Select **Save**. -The App Launcher is now available at `.cloudflareaccess.com`. You can always edit your App Launcher rules by going to **Settings** > **Authentication**. +The App Launcher is now available at `.cloudflareaccess.com`. You can always edit your App Launcher rules by going to **Access controls** > **Access settings**. ## Add a tile to the App Launcher -Tiles have a one-to-one relationship with each application you create in Access. The tile names displayed in the Access App Launcher portal correspond to the application names listed under **Access** > **Applications**. For example, if you create one application for general access to your Jira deployment and a separate application that restricts requests to a particular Jira path, a user authorized for both will see separate tiles for each. If you add multiple hostnames to a single application, the user will only see the domain selected in the application's **App Launcher** settings. +Tiles have a one-to-one relationship with each application you create in Access. The tile names displayed in the Access App Launcher portal correspond to the application names listed under **Access controls** > **Applications**. For example, if you create one application for general access to your Jira deployment and a separate application that restricts requests to a particular Jira path, a user authorized for both will see separate tiles for each. If you add multiple hostnames to a single application, the user will only see the domain selected in the application's **App Launcher** settings. To show an Access application in the App Launcher: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Select an application and select **Configure**. 3. Go to **Experience settings**. 4. Select **Show application in App Launcher**. The App Launcher link will only appear for users who are allowed by your Access policies. Blocked users will not see the app in their App Launcher. @@ -67,7 +67,7 @@ You can display your own branding, messages, and links to users when they open t To customize the App Launcher appearance: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Custom Pages**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Reusable components** > **Custom Pages**. 2. Find the **Customize App Launcher** setting and select **Customize**. 3. Give the App Launcher the look and feel of your organization by adding: - Your organization's name diff --git a/src/content/partials/cloudflare-one/access/block-page.mdx b/src/content/partials/cloudflare-one/access/block-page.mdx index d5da105a4f6603..37e34e6b53e20d 100644 --- a/src/content/partials/cloudflare-one/access/block-page.mdx +++ b/src/content/partials/cloudflare-one/access/block-page.mdx @@ -31,7 +31,7 @@ Only available on Pay-as-you-go and Enterprise plans. To create a custom block page for Access: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Custom Pages**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Reusable components** > **Custom Pages**. 2. Find the **Access Custom Pages** setting and select **Manage**. diff --git a/src/content/partials/cloudflare-one/access/bookmarks.mdx b/src/content/partials/cloudflare-one/access/bookmarks.mdx index e79d224b145ac6..5a53b6b60cf79f 100644 --- a/src/content/partials/cloudflare-one/access/bookmarks.mdx +++ b/src/content/partials/cloudflare-one/access/bookmarks.mdx @@ -3,11 +3,11 @@ --- -With Cloudflare Zero Trust, you can show applications on the [App Launcher](/cloudflare-one/access-controls/access-settings/app-launcher/) even if those applications are not secured behind Access. This way, users can access all the applications they need to work, all in one place — regardless of whether those applications are protected by Access. +With Cloudflare One, you can show applications on the [App Launcher](/cloudflare-one/access-controls/access-settings/app-launcher/) even if those applications are not secured behind Access. This way, users can access all the applications they need to work, all in one place — regardless of whether those applications are protected by Access. Links to applications not protected by Access can be added as bookmarks. To add a bookmark: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application** > **Bookmark**. diff --git a/src/content/partials/cloudflare-one/access/create-service-token.mdx b/src/content/partials/cloudflare-one/access/create-service-token.mdx index b2376289c54ed2..166f4b605efd23 100644 --- a/src/content/partials/cloudflare-one/access/create-service-token.mdx +++ b/src/content/partials/cloudflare-one/access/create-service-token.mdx @@ -7,7 +7,7 @@ import { Tabs, TabItem, Details, APIRequest } from '~/components'; -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Service Auth** > **Service Tokens**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Service credentials** > **Service Tokens**. 2. Select **Create Service Token**. diff --git a/src/content/partials/cloudflare-one/access/enable-isolation.mdx b/src/content/partials/cloudflare-one/access/enable-isolation.mdx index ab221690e86537..5b9ec35132d7ed 100644 --- a/src/content/partials/cloudflare-one/access/enable-isolation.mdx +++ b/src/content/partials/cloudflare-one/access/enable-isolation.mdx @@ -6,7 +6,7 @@ import { Render } from "~/components"; -3. Go to **Access** > **Applications**. +3. Go to **Access controls** > **Applications**. 4. Choose a [self-hosted application](/cloudflare-one/access-controls/applications/http-apps/self-hosted-public-app/) and select **Configure**. 5. Go to **Policies**. 6. Choose an [Allow policy](/cloudflare-one/access-controls/policies/) and select **Configure**. diff --git a/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx b/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx index ea8d217047574a..3e24c61bff4404 100644 --- a/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx +++ b/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx @@ -6,7 +6,7 @@ params: import { Markdown } from "~/components" -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**. 2. Find the {props.idp} integration and select **Edit**. @@ -15,8 +15,8 @@ import { Markdown } from "~/components" 4. (Optional) Configure the following settings: * **Enable user deprovisioning**: [Revoke a user's active session](/cloudflare-one/access-controls/access-settings/session-management/#per-user) when they are removed from the SCIM application in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-sessions/). -* **Remove user seat on deprovision**: [Remove a user's seat](/cloudflare-one/team-and-resources/users/seat-management/) from your Zero Trust account when they are removed from the SCIM application in {props.idp}. -* **SCIM identity update behavior**: Choose what happens in Zero Trust when the user's identity updates in {props.idp}. +* **Remove user seat on deprovision**: [Remove a user's seat](/cloudflare-one/team-and-resources/users/seat-management/) from your Cloudflare One account when they are removed from the SCIM application in {props.idp}. +* **SCIM identity update behavior**: Choose what happens in Cloudflare One when the user's identity updates in {props.idp}. - _Automatic identity updates_: Automatically update the [User Registry identity](/cloudflare-one/insights/logs/users/) when {props.idp} sends an updated identity or group membership through SCIM. This identity is used for Gateway policies and WARP [device profiles](/cloudflare-one/team-and-resources/devices/warp/configure-warp/device-profiles/); Access will read the user's updated identity when they reauthenticate. - _Group membership change reauthentication_: [Revoke a user's active session](/cloudflare-one/access-controls/access-settings/session-management/#per-user) when their group membership changes in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-sessions/). Access will read the user's updated group membership when they reauthenticate. - _No action_: Update the user's identity the next time they reauthenticate to Access or WARP. diff --git a/src/content/partials/cloudflare-one/access/idp-integration.mdx b/src/content/partials/cloudflare-one/access/idp-integration.mdx index 047a16ec61d24d..0b585e38a59e67 100644 --- a/src/content/partials/cloudflare-one/access/idp-integration.mdx +++ b/src/content/partials/cloudflare-one/access/idp-integration.mdx @@ -6,9 +6,9 @@ import {Render, Tabs, TabItem} from "~/components" -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**. -2. In the **Login methods** card, select **Add new**. +2. In the **Your identity providers** card, select **Add new identity provider**. 3. Select the identity provider you want to add. @@ -25,7 +25,7 @@ import {Render, Tabs, TabItem} from "~/components" 1. Add the following permission to your [`cloudflare_api_token`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/api_token): - `Access: Organizations, Identity Providers, and Groups Write` -2. Add an identity provider to Zero Trust using the [`cloudflare_zero_trust_access_identity_provider`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_access_identity_provider) resource. For example, to add a Microsoft Entra ID integration: +2. Add an identity provider to Cloudflare One using the [`cloudflare_zero_trust_access_identity_provider`](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zero_trust_access_identity_provider) resource. For example, to add a Microsoft Entra ID integration: diff --git a/src/content/partials/cloudflare-one/access/login-page.mdx b/src/content/partials/cloudflare-one/access/login-page.mdx index ed716ad3ba61b7..7ff9f79d06b17b 100644 --- a/src/content/partials/cloudflare-one/access/login-page.mdx +++ b/src/content/partials/cloudflare-one/access/login-page.mdx @@ -5,9 +5,9 @@ To change the appearance of your login page: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Custom Pages**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Reusable components** > **Custom pages**. -2. Find the **Login page** setting and select **Customize**. +2. Find the **Access login page** setting and select **Manage**. 3. Give the login page the look and feel of your organization by adding: diff --git a/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx b/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx index 29c703aba50c19..920528585f499f 100644 --- a/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx +++ b/src/content/partials/cloudflare-one/access/okta-zt-steps.mdx @@ -4,9 +4,9 @@ import {} from "~/components" -11. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Authentication**. +11. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Integrations** > **Identity providers**. -12. Under **Login methods**, select **Add new**. Select **Okta** as your identity provider. +12. Under **Your identity providers**, select **Add new identity provider**. Select **Okta** as your identity provider. 13. Fill in the following information: - **Name**: Name your identity provider. diff --git a/src/content/partials/cloudflare-one/access/rule-group.mdx b/src/content/partials/cloudflare-one/access/rule-group.mdx index 67a93bb6dad19f..6057108aa95afb 100644 --- a/src/content/partials/cloudflare-one/access/rule-group.mdx +++ b/src/content/partials/cloudflare-one/access/rule-group.mdx @@ -8,7 +8,7 @@ To create an Access rule group: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Rule groups**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Policies**, and select the **Rule groups** tab. 2. Select **Add a group**. 3. Enter a name for the group (for example, `Lisbon-team`). 4. Specify as many rules as needed to define your user group. For example, the following rules define a team based in Lisbon, Portugal: diff --git a/src/content/partials/cloudflare-one/access/saas-apps/miro-sso.mdx b/src/content/partials/cloudflare-one/access/saas-apps/miro-sso.mdx index 4b0c8e2aeeeb20..0c88cd0f401e32 100644 --- a/src/content/partials/cloudflare-one/access/saas-apps/miro-sso.mdx +++ b/src/content/partials/cloudflare-one/access/saas-apps/miro-sso.mdx @@ -6,8 +6,8 @@ inputParameters: uiLocation;;stepIntro 1. In Miro, select your profile picture > **Settings** > {props.one}. 2. Turn on **SSO/SAML**. 3. Fill in the following fields: - * **SAML Sign-in URL**: SSO endpoint from application configuration in Cloudflare Zero Trust - * **Key x509 Certificate**: Public key from application configuration in Cloudflare Zero Trust + * **SAML Sign-in URL**: SSO endpoint from application configuration in Cloudflare One + * **Key x509 Certificate**: Public key from application configuration in Cloudflare One 4. In **Domain**, enter the domain you want to configure SSO for and select **Enter**. 5. {props.two} an email address from that domain and select **send verification**. 6. Once you receive a verification email, select the link in the email, then select **Save**. When the domain is successfully configured, the **VERIFY EMAIL** label next to the domain in the SSO/SAML configuration page will disappear. diff --git a/src/content/partials/cloudflare-one/access/self-hosted-app/create-app.mdx b/src/content/partials/cloudflare-one/access/self-hosted-app/create-app.mdx index 284827f9e9ed84..4f6a9b6ca971a6 100644 --- a/src/content/partials/cloudflare-one/access/self-hosted-app/create-app.mdx +++ b/src/content/partials/cloudflare-one/access/self-hosted-app/create-app.mdx @@ -6,7 +6,7 @@ params: import { Render } from "~/components" -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Access controls** > **Applications**. 2. Select **Add an application**. diff --git a/src/content/partials/cloudflare-one/access/tags.mdx b/src/content/partials/cloudflare-one/access/tags.mdx index 332dc4dfdad0e1..d23d8d11816543 100644 --- a/src/content/partials/cloudflare-one/access/tags.mdx +++ b/src/content/partials/cloudflare-one/access/tags.mdx @@ -9,8 +9,8 @@ You can label an Access application with up to 25 custom tags. End users can the To create a new tag: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Tags**. -2. Select **Add tags**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Reusable components** > **Tags**. +2. Select **Add a tag**. 3. Enter up to 35 alphanumeric characters for the tag (for example, `Human Resources`) and select it in the dropdown menu. 4. Select **Save**. @@ -20,7 +20,7 @@ You can now [add this tag](#tag-an-access-application) to an Access application. To add a tag to an existing Access application: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Access** > **Applications**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Access controls** > **Applications**. 2. Select an application and select **Configure**. 3. Go to **Experience settings**. 4. In the **Tags** dropdown, select the tags that you would like to assign to this application. The tag must be [created](#create-a-tag) before you can select it in the dropdown. diff --git a/src/content/partials/cloudflare-one/access/verify-scim-provisioning.mdx b/src/content/partials/cloudflare-one/access/verify-scim-provisioning.mdx index d4346aac2128f6..84a7d26512ee95 100644 --- a/src/content/partials/cloudflare-one/access/verify-scim-provisioning.mdx +++ b/src/content/partials/cloudflare-one/access/verify-scim-provisioning.mdx @@ -4,6 +4,6 @@ import { Render } from "~/components"; -To check if user identities were updated in Zero Trust, view your [SCIM provisioning logs](/cloudflare-one/insights/logs/scim-logs/). +To check if user identities were updated in Cloudflare One, view your [SCIM provisioning logs](/cloudflare-one/insights/logs/scim-logs/). \ No newline at end of file diff --git a/src/content/partials/cloudflare-one/app-library-review-apps.mdx b/src/content/partials/cloudflare-one/app-library-review-apps.mdx index 3f2b621276c15d..a5b31cbce6de17 100644 --- a/src/content/partials/cloudflare-one/app-library-review-apps.mdx +++ b/src/content/partials/cloudflare-one/app-library-review-apps.mdx @@ -15,7 +15,7 @@ To organize applications into their approval status for your organization, you c To set the status of an application: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **My team** > **App Library**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Team & Resources** > **Applications**. 2. Locate the card for the application. 3. In the three-dot menu, select the option to mark your desired status. diff --git a/src/content/partials/cloudflare-one/casb/aws-compute-account.mdx b/src/content/partials/cloudflare-one/casb/aws-compute-account.mdx index 6d0266e78695c0..c4c2c3685087eb 100644 --- a/src/content/partials/cloudflare-one/casb/aws-compute-account.mdx +++ b/src/content/partials/cloudflare-one/casb/aws-compute-account.mdx @@ -4,7 +4,7 @@ To connect a compute account to your AWS integration: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Cloud & SaaS findings** > **Integrations**. 2. Find and select your AWS integration. 3. Select **Open connection instructions**. 4. Follow the instructions provided to connect a new compute account. diff --git a/src/content/partials/cloudflare-one/casb/manage-integrations.mdx b/src/content/partials/cloudflare-one/casb/manage-integrations.mdx index d50ae1e9539292..e4eec357f4dcd0 100644 --- a/src/content/partials/cloudflare-one/casb/manage-integrations.mdx +++ b/src/content/partials/cloudflare-one/casb/manage-integrations.mdx @@ -10,7 +10,7 @@ Before you can integrate a SaaS application or cloud environment with CASB, your ### Add an integration -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. 2. Select **Connect an integration** or **Add integration**. 3. Browse the available integrations and select the application you would like to add. 4. Follow the step-by-step integration instructions in the UI. @@ -22,7 +22,7 @@ Once CASB detects at least one finding, you can [view and manage your findings]( ### Pause an integration -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. 2. Find the integration you would like to pause and select **Configure**. 3. To stop scanning the application, turn off **Scan for findings**. 4. Select **Save integration**. @@ -35,7 +35,7 @@ You can resume CASB scanning at any time by turning on **Scan for findings**. When you delete an integration, all keys and OAuth data will be deleted. This means you cannot restore a deleted integration or its scanned data. ::: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **CASB** > **Integrations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Cloud & SaaS findings** > **Integrations**. 2. Find the integration you would like to delete and select **Configure**. 3. Select **Disenroll**. diff --git a/src/content/partials/cloudflare-one/choose-team-name.mdx b/src/content/partials/cloudflare-one/choose-team-name.mdx index 6f03c6fe0efe7b..971faa423fc940 100644 --- a/src/content/partials/cloudflare-one/choose-team-name.mdx +++ b/src/content/partials/cloudflare-one/choose-team-name.mdx @@ -1,6 +1,6 @@ import { GlossaryTooltip, DashButton } from "~/components"; -1. In the [Cloudflare dashboard](https://dash.cloudflare.com/), select **Zero Trust**. +1. In the [Cloudflare dashboard](https://dash.cloudflare.com/), select **Cloudflare One**. diff --git a/src/content/partials/cloudflare-one/clientless-browser-isolation.mdx b/src/content/partials/cloudflare-one/clientless-browser-isolation.mdx index 77f37b19e10524..a27d48adc32f93 100644 --- a/src/content/partials/cloudflare-one/clientless-browser-isolation.mdx +++ b/src/content/partials/cloudflare-one/clientless-browser-isolation.mdx @@ -3,5 +3,6 @@ --- -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Browser Isolation**. -2. Enable **Clientless Web Isolation**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Browser isolation** > **Browser isolation settings**. +2. Under **Manage remote browser permissions**, select **Manage**. +3. Enable **Clientless Web Isolation**. \ No newline at end of file diff --git a/src/content/partials/cloudflare-one/data-loss-prevention/custom-profile.mdx b/src/content/partials/cloudflare-one/data-loss-prevention/custom-profile.mdx index 1b37a1e7230690..c14310c726b95f 100644 --- a/src/content/partials/cloudflare-one/data-loss-prevention/custom-profile.mdx +++ b/src/content/partials/cloudflare-one/data-loss-prevention/custom-profile.mdx @@ -4,7 +4,7 @@ import { Details } from "~/components"; -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **DLP profiles**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **Profiles**. 2. Select **Create profile**. diff --git a/src/content/partials/cloudflare-one/data-loss-prevention/predefined-profile.mdx b/src/content/partials/cloudflare-one/data-loss-prevention/predefined-profile.mdx index 2cd91d0c898386..306c095ab88d05 100644 --- a/src/content/partials/cloudflare-one/data-loss-prevention/predefined-profile.mdx +++ b/src/content/partials/cloudflare-one/data-loss-prevention/predefined-profile.mdx @@ -2,7 +2,7 @@ {} --- -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **DLP profiles**. -2. Choose a [predefined profile](/cloudflare-one/data-loss-prevention/dlp-profiles/predefined-profiles/) and select **Configure**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Data loss prevention** > **Profiles**. +2. Choose a [predefined profile](/cloudflare-one/data-loss-prevention/dlp-profiles/predefined-profiles/) and select **Edit**. 3. Enable one or more **Detection entries** according to your preferences. The DLP Profile matches using the OR logical operator — if multiple entries are enabled, your data needs to match only one of the entries. 4. Select **Save profile**. diff --git a/src/content/partials/cloudflare-one/email-security/post-verification-setup.mdx b/src/content/partials/cloudflare-one/email-security/post-verification-setup.mdx index e2cc9df4d6fc4d..0b8d43681a9dc6 100644 --- a/src/content/partials/cloudflare-one/email-security/post-verification-setup.mdx +++ b/src/content/partials/cloudflare-one/email-security/post-verification-setup.mdx @@ -6,6 +6,6 @@ To verify that the deployment has been successful and that your emails are being scanned: -1. In [Zero Trust](https://one.dash.cloudflare.com/), select **Email security**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), select **Email security**. 2. Go to **Settings** > **Domain management** > **Domains**, then select **View**. 3. Under **Your domains**, locate your domain, and verify that **Status** (which describes the state of the configuration) displays **Active**. diff --git a/src/content/partials/cloudflare-one/gateway/add-locations-static-ip-warning.mdx b/src/content/partials/cloudflare-one/gateway/add-locations-static-ip-warning.mdx index 71bdde298e6176..00e62f20efc515 100644 --- a/src/content/partials/cloudflare-one/gateway/add-locations-static-ip-warning.mdx +++ b/src/content/partials/cloudflare-one/gateway/add-locations-static-ip-warning.mdx @@ -8,4 +8,4 @@ Deploying Gateway DNS filtering using static IP addresses may prevent users from 2. Connect to the Wi-Fi network. 3. Once the connection has been established, add the static IP addresses back. -To avoid this issue, use the [WARP client](/cloudflare-one/team-and-resources/devices/warp/) to connect your devices to Cloudflare Zero Trust. +To avoid this issue, use the [WARP client](/cloudflare-one/team-and-resources/devices/warp/) to connect your devices to Cloudflare One. diff --git a/src/content/partials/cloudflare-one/gateway/add-locations.mdx b/src/content/partials/cloudflare-one/gateway/add-locations.mdx index f8940266c003e9..5fa548aba9af7e 100644 --- a/src/content/partials/cloudflare-one/gateway/add-locations.mdx +++ b/src/content/partials/cloudflare-one/gateway/add-locations.mdx @@ -12,7 +12,7 @@ The fastest way to start filtering DNS queries from a location is by changing th To add a DNS location to Gateway: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Gateway** > **DNS Locations**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Networks** > **Resolvers & Proxies** > **DNS locations**. 2. Select **Add a location**. 3. Choose a name for your DNS location. 4. Choose at least one [DNS endpoint](/cloudflare-one/team-and-resources/devices/agentless/dns/locations/#dns-endpoints) to resolve your organization's DNS queries. diff --git a/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx b/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx index 433a5f709511a4..333527ca94b179 100644 --- a/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx +++ b/src/content/partials/cloudflare-one/gateway/create-resolver-policy.mdx @@ -12,7 +12,7 @@ To create a resolver policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Resolver policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Resolver policies**. 2. Select **Add a policy**. 3. Create an expression for your desired traffic. For example, you can resolve a hostname for an internal service: diff --git a/src/content/partials/cloudflare-one/gateway/customize-block-page.mdx b/src/content/partials/cloudflare-one/gateway/customize-block-page.mdx index aba67691d8128b..1473b5896b40bc 100644 --- a/src/content/partials/cloudflare-one/gateway/customize-block-page.mdx +++ b/src/content/partials/cloudflare-one/gateway/customize-block-page.mdx @@ -10,7 +10,7 @@ To customize your block page: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Custom pages**. 2. Under **Account Gateway block page**, select **Customize**. 3. Choose **Custom Gateway block page**. Gateway will display a preview of your custom block page. Available customizations include: - Your organization's name diff --git a/src/content/partials/cloudflare-one/gateway/debugging-policies.mdx b/src/content/partials/cloudflare-one/gateway/debugging-policies.mdx index 485d3c50660349..4ccc444fefbfe2 100644 --- a/src/content/partials/cloudflare-one/gateway/debugging-policies.mdx +++ b/src/content/partials/cloudflare-one/gateway/debugging-policies.mdx @@ -3,6 +3,6 @@ --- -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall Policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**. 2. Disable all DNS, Network, and HTTP policies and see if the issue persists. It may take up to two minutes for the change to take effect. Note that all policy enforcement happens on the Cloudflare global network, not on your local device. 3. Slowly re-enable your policies. Once you have narrowed down the issue, modify the policies or their [order of enforcement](/cloudflare-one/traffic-policies/order-of-enforcement/). diff --git a/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx b/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx index fa01ae1be203f4..b7bb7cec1c52bd 100644 --- a/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx +++ b/src/content/partials/cloudflare-one/gateway/enable-tls-decryption.mdx @@ -6,8 +6,8 @@ import { TabItem, Tabs } from "~/components"; -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Network**. -2. In **Firewall**, turn on **TLS decryption**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Traffic settings**. +2. In **Proxy and inspection**, turn on **Inspect HTTPS requests with TLS decryption**. diff --git a/src/content/partials/cloudflare-one/gateway/extended-email.mdx b/src/content/partials/cloudflare-one/gateway/extended-email.mdx index 2384e2a84d8b11..2abf2ec71041be 100644 --- a/src/content/partials/cloudflare-one/gateway/extended-email.mdx +++ b/src/content/partials/cloudflare-one/gateway/extended-email.mdx @@ -62,4 +62,4 @@ By default, Gateway will either filter only exact matches or all extended varian
-To force Gateway to match all email address variants, go to **Settings** > **Network** > **Firewall** and turn on **Match extended email addresses**. This setting applies to all firewall, egress, and resolver policies. +To force Gateway to match all email address variants, go to **Traffic policies** > **Traffic settings** > **Policy settings** and turn on **Match extended email addresses**. This setting applies to all firewall, egress, and resolver policies. diff --git a/src/content/partials/cloudflare-one/gateway/get-started/create-http-policy.mdx b/src/content/partials/cloudflare-one/gateway/get-started/create-http-policy.mdx index 3177058722e567..b6f0f3cbc68379 100644 --- a/src/content/partials/cloudflare-one/gateway/get-started/create-http-policy.mdx +++ b/src/content/partials/cloudflare-one/gateway/get-started/create-http-policy.mdx @@ -8,7 +8,7 @@ To create a new HTTP policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**. 2. In the **HTTP** tab, select **Add a policy**. 3. Name the policy. 4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block. diff --git a/src/content/partials/cloudflare-one/gateway/get-started/create-network-policy.mdx b/src/content/partials/cloudflare-one/gateway/get-started/create-network-policy.mdx index 8a19a1933b0cf3..d9ed57b5c272ad 100644 --- a/src/content/partials/cloudflare-one/gateway/get-started/create-network-policy.mdx +++ b/src/content/partials/cloudflare-one/gateway/get-started/create-network-policy.mdx @@ -8,8 +8,8 @@ To create a new network policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Gateway** > **Firewall policies**. -2. In the **Network** tab, select **Add a policy**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Traffic policies** > **Firewall policies**. +2. In the **Network** tab, select **Add a network policy**. 3. Name the policy. 4. Under **Traffic**, build a logical expression that defines the traffic you want to allow or block. 5. Choose an **Action** to take when traffic matches the logical expression. For example, you can use a list of [device serial numbers](/cloudflare-one/reusable-components/posture-checks/warp-client-checks/corp-device/) to ensure users can only access an application if they connect with the WARP client from a company device: diff --git a/src/content/partials/cloudflare-one/gateway/lists.mdx b/src/content/partials/cloudflare-one/gateway/lists.mdx index 0860509ca2ff22..25e638ab745702 100644 --- a/src/content/partials/cloudflare-one/gateway/lists.mdx +++ b/src/content/partials/cloudflare-one/gateway/lists.mdx @@ -23,11 +23,11 @@ When you format a CSV file for upload: - Trailing whitespace characters are not allowed. - CRLF (Windows) and LF (Unix) line endings are valid. -To upload the list to Zero Trust: +To upload the list to Cloudflare One: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My Team** > **Lists**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Lists**. 2. Select **Upload CSV**. 3. Next, specify a **List name**, enter an optional description, and choose a **List type**. 4. Drag and drop a file into the **CSV file** window, or select a file. @@ -68,7 +68,7 @@ You can now use this list in the policy builder by choosing the _in list_ operat -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **My Team** > **Lists**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Team & Resources** > **Lists**. 2. Select **Create manual list**. 3. Next, specify a **List name**, enter an optional description, and choose a **List type**. 4. Enter your list element manually into the **Add entry** field and select **Add**. diff --git a/src/content/partials/cloudflare-one/gateway/order-of-enforcement.mdx b/src/content/partials/cloudflare-one/gateway/order-of-enforcement.mdx index 6710af672d2088..f932182e5a816a 100644 --- a/src/content/partials/cloudflare-one/gateway/order-of-enforcement.mdx +++ b/src/content/partials/cloudflare-one/gateway/order-of-enforcement.mdx @@ -157,9 +157,9 @@ Order of precedence refers to the priority of individual policies within the DNS The order of precedence follows the first match principle. Once traffic matches an Allow or Block policy, evaluation stops and no subsequent policies can override the decision. Therefore, Cloudflare recommends assigning the most specific policies and exceptions with the highest precedence and the most general policies with the lowest precedence. -#### Zero Trust dashboard +#### Cloudflare One -In the Zero Trust dashboard, policies are in order of precedence from top to bottom of the list. Policies begin with precedence `1` and count upward. You can modify the order of precedence by dragging and dropping individual policies in the dashboard. +In Cloudflare One, policies are in order of precedence from top to bottom of the list. Policies begin with precedence `1` and count upward. You can modify the order of precedence by dragging and dropping individual policies in the dashboard. #### Cloudflare API @@ -226,7 +226,7 @@ When arranging policies in Zero Trust, Gateway automatically calculates the prec When using the API to create a policy, unless the precedence is explicitly defined in the policy, Gateway will assign precedence to policies starting at `1000`. Every time a new policy is added to the bottom of the order, Gateway will calculate the current highest precedence in the account and add a random integer between 1 and 100 to `1000` so that it now claims the maximum precedence in the account. To manually update a policy's precedence, use the [Update a Zero Trust Gateway rule](/api/resources/zero_trust/subresources/gateway/subresources/rules/methods/update/) endpoint. You can set a policy's precedence to any value that is not already in use. -Changing the order within the Zero Trust dashboard or API may result in configuration issues when using [Terraform](#manage-precedence-with-terraform). +Changing the order within Cloudflare One or API may result in configuration issues when using [Terraform](#manage-precedence-with-terraform). ## Manage precedence with Terraform @@ -252,4 +252,4 @@ resource "cloudflare_zero_trust_gateway_policy" "policy_3" { } ``` -To avoid precedence calculation errors when reordering policies with Terraform, you should move one policy at a time before running `terraform plan` and `terraform apply`. If you use both Terraform and the Zero Trust dashboard or API, sync your polices with `terraform refresh` before reordering policies in Terraform. Alternatively, you can set your account to [read-only in the Zero Trust dashboard](/cloudflare-one/api-terraform/#set-dashboard-to-read-only), only allowing changes using the API or Terraform. +To avoid precedence calculation errors when reordering policies with Terraform, you should move one policy at a time before running `terraform plan` and `terraform apply`. If you use both Terraform and Cloudflare One or API, sync your polices with `terraform refresh` before reordering policies in Terraform. Alternatively, you can set your account to [read-only in Cloudflare One](/cloudflare-one/api-terraform/#set-dashboard-to-read-only), only allowing changes using the API or Terraform. diff --git a/src/content/partials/cloudflare-one/gateway/verify-connectivity.mdx b/src/content/partials/cloudflare-one/gateway/verify-connectivity.mdx index 10ff2d5cad1227..f574b845015cab 100644 --- a/src/content/partials/cloudflare-one/gateway/verify-connectivity.mdx +++ b/src/content/partials/cloudflare-one/gateway/verify-connectivity.mdx @@ -5,8 +5,8 @@ inputParameters: GatewayLogType;;trafficTypePlural import { Markdown } from "~/components" -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. -2. Under **Gateway logging**, enable activity logging for all {props.one} logs. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. +2. Under **Log traffic activity**, enable activity logging for all {props.one} logs. 3. On your device, open a browser and go to any website. -4. In Zero Trust, go to **Logs** > **Gateway** > **{props.one}**. +4. In Cloudflare One, go to **Insights** > **Logs** > **Gateway** > **{props.one}**. 5. Make sure {props.one} {props.two} from your device appear. diff --git a/src/content/partials/cloudflare-one/posture/configure-posture-check.mdx b/src/content/partials/cloudflare-one/posture/configure-posture-check.mdx index 1aa138e6025894..4876c29f4e77ab 100644 --- a/src/content/partials/cloudflare-one/posture/configure-posture-check.mdx +++ b/src/content/partials/cloudflare-one/posture/configure-posture-check.mdx @@ -5,12 +5,12 @@ inputParameters: param1 import { Markdown } from "~/components" -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **WARP Client** > **Service provider checks**. -2. Select **Add new**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Reusable components** > **Posture checks** > **Service provider checks**. +2. Select **Add a check**. 3. Select the {props.one} provider. 4. Enter any name for the posture check. 5. Configure the [attributes](#device-posture-attributes) required for the device to pass the posture check. 6. Select **Save**. -7. To test, go to **Logs** > **Posture** and verify that the service provider posture check is returning the expected results. +7. To test, go to **Insight** > **Logs** > **Posture logs** and verify that the service provider posture check is returning the expected results. You can now use this posture check in a [device posture policy](/cloudflare-one/reusable-components/posture-checks/#3-build-a-device-posture-policy). diff --git a/src/content/partials/cloudflare-one/posture/service-provider-intro.mdx b/src/content/partials/cloudflare-one/posture/service-provider-intro.mdx index a4f6813102c950..a2aadf32ff9b36 100644 --- a/src/content/partials/cloudflare-one/posture/service-provider-intro.mdx +++ b/src/content/partials/cloudflare-one/posture/service-provider-intro.mdx @@ -4,4 +4,4 @@ inputParameters: param1 import { Markdown } from "~/components"; -Cloudflare Zero Trust can integrate with {props.one} to require that users connect to certain applications from managed devices. This service-to-service posture check uses the WARP client to read endpoint data from {props.one}. Devices are identified by their serial numbers. If multiple devices have the same serial number, Cloudflare cannot accurately match a WARP device with a third-party provider device. You must ensure that each of your devices has a unique serial number. +Cloudflare One can integrate with {props.one} to require that users connect to certain applications from managed devices. This service-to-service posture check uses the WARP client to read endpoint data from {props.one}. Devices are identified by their serial numbers. If multiple devices have the same serial number, Cloudflare cannot accurately match a WARP device with a third-party provider device. You must ensure that each of your devices has a unique serial number. diff --git a/src/content/partials/cloudflare-one/send-risk-scores-okta.mdx b/src/content/partials/cloudflare-one/send-risk-scores-okta.mdx index 3de0f986a62b85..656b3c80b978a6 100644 --- a/src/content/partials/cloudflare-one/send-risk-scores-okta.mdx +++ b/src/content/partials/cloudflare-one/send-risk-scores-okta.mdx @@ -2,19 +2,19 @@ {} --- -First, configure Zero Trust to send user risk scores to Okta. +First, configure Cloudflare One to send user risk scores to Okta. 1. Set up the [Okta SSO integration](/cloudflare-one/integrations/identity-providers/okta/). -2. In [Zero Trust](https://one.dash.cloudflare.com/), go to **Settings** > **Authentication**. -3. In **Login methods**, locate your Okta integration and select **Edit**. +2. In [Cloudflare One](https://one.dash.cloudflare.com/), go to **Integrations** > **Identity providers**. +3. In **Your identity providers**, locate your Okta integration and select **Edit**. 4. Turn on **Send risk score to Okta**. 5. Select **Save**. -6. Upon saving, Zero Trust will display the well-known URL for your organization. Copy the value. +6. Upon saving, Cloudflare One will display the well-known URL for your organization. Copy the value. Next, configure Okta to receive your risk scores. 1. On your Okta admin dashboard, go to **Security** > **Device Integrations**. 2. Go to **Receive shared signals**, then select **Create stream**. 3. Name your integration. In **Set up integration with**, choose _Well-known URL_. -4. In **Well-known URL**, enter the well-known URL value provided by Zero Trust. +4. In **Well-known URL**, enter the well-known URL value provided by Cloudflare One. 5. Select **Create**. diff --git a/src/content/partials/cloudflare-one/ssh/upload-ssh-key.mdx b/src/content/partials/cloudflare-one/ssh/upload-ssh-key.mdx index 932d44b2bd6321..edc009abaf69c1 100644 --- a/src/content/partials/cloudflare-one/ssh/upload-ssh-key.mdx +++ b/src/content/partials/cloudflare-one/ssh/upload-ssh-key.mdx @@ -22,8 +22,8 @@ To log SSH commands, you will need to generate an HPKE key pair and upload the p This command outputs two files, an `sshkey.pub` public key and a matching `sshkey` private key. -3. In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Network**. +3. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Traffic policies** > **Traffic settings**. -4. In **SSH encryption public key**, paste the contents of `sshkey.pub` and select **Save**. +4. In **SSH log encryption public key**, paste the contents of `sshkey.pub` and select **Save**. All proxied SSH commands are immediately encrypted using this public key. The matching private key is required to view logs. diff --git a/src/content/partials/cloudflare-one/tunnel/1033-error.mdx b/src/content/partials/cloudflare-one/tunnel/1033-error.mdx index ac6337d12578fc..527ec929a011a9 100644 --- a/src/content/partials/cloudflare-one/tunnel/1033-error.mdx +++ b/src/content/partials/cloudflare-one/tunnel/1033-error.mdx @@ -7,6 +7,6 @@ import { Render } from "~/components"; A `1033` error indicates your tunnel is not connected to Cloudflare's network because Cloudflare's network cannot find a healthy `cloudflared` instance to receive the traffic. -First, review whether your tunnel is listed as `Active` on the [Zero Trust](https://one.dash.cloudflare.com/) dashboard by going to **Networks** > **Tunnels** or run `cloudflared tunnel list`. If the tunnel is not `Active`, review the following and take the action necessary for your tunnel status: +First, review whether your tunnel is listed as `Active` on the [Cloudflare One](https://one.dash.cloudflare.com/) dashboard by going to **Networks** > **Connectors** > **Cloudflare Tunnels** or run `cloudflared tunnel list`. If the tunnel is not `Active`, review the following and take the action necessary for your tunnel status: \ No newline at end of file diff --git a/src/content/partials/cloudflare-one/tunnel/cloud-create-tunnel.mdx b/src/content/partials/cloudflare-one/tunnel/cloud-create-tunnel.mdx index 68ebb4ec9c8c20..94251cd340cbb0 100644 --- a/src/content/partials/cloudflare-one/tunnel/cloud-create-tunnel.mdx +++ b/src/content/partials/cloudflare-one/tunnel/cloud-create-tunnel.mdx @@ -5,9 +5,9 @@ inputParameters: param1;;param2 import { Markdown } from "~/components" -Create a Cloudflare Tunnel in Zero Trust and run the tunnel on the {props.one}. +Create a Cloudflare Tunnel in Cloudflare One and run the tunnel on the {props.one}. -1. Log in to [Zero Trust](https://one.dash.cloudflare.com) and go to **Networks** > **Tunnels**. +1. Log in to [Cloudflare One](https://one.dash.cloudflare.com) and go to **Networks** > **Connectors** > **Cloudflare Tunnels**. 2. Select **Create a tunnel**. @@ -19,6 +19,6 @@ Create a Cloudflare Tunnel in Zero Trust and run the tunnel on the {props.one}. 6. Under **Choose your environment**, select **Debian**. Copy the command shown in the dashboard and run it on your {props.one}. -7. Once the command has finished running, your connector will appear in Zero Trust. +7. Once the command has finished running, your connector will appear in Cloudflare One. 8. Select **Next**. diff --git a/src/content/partials/cloudflare-one/tunnel/connect-private-network.mdx b/src/content/partials/cloudflare-one/tunnel/connect-private-network.mdx index 2e5a943b19a538..e7d6a0a5d43430 100644 --- a/src/content/partials/cloudflare-one/tunnel/connect-private-network.mdx +++ b/src/content/partials/cloudflare-one/tunnel/connect-private-network.mdx @@ -2,6 +2,6 @@ {} --- -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Networks** > **Tunnels**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Networks** > **Connectors** > **Cloudflare Tunnels**. 2. [Create a new tunnel](/cloudflare-one/networks/connectors/cloudflare-tunnel/get-started/create-remote-tunnel/) or edit an existing `cloudflared` tunnel. diff --git a/src/content/partials/cloudflare-one/tunnel/create-tunnel.mdx b/src/content/partials/cloudflare-one/tunnel/create-tunnel.mdx index 6fefdf6135e88d..5f189a54467daa 100644 --- a/src/content/partials/cloudflare-one/tunnel/create-tunnel.mdx +++ b/src/content/partials/cloudflare-one/tunnel/create-tunnel.mdx @@ -3,7 +3,7 @@ --- -1. Log in to [Zero Trust](https://one.dash.cloudflare.com) and go to **Networks** > **Tunnels**. +1. Log in to [Cloudflare One](https://one.dash.cloudflare.com) and go to **Networks** > **Connectors** > **Cloudflare Tunnels**. 2. Select **Create a tunnel**. @@ -15,7 +15,7 @@ 6. Next, you will need to install `cloudflared` and run it. To do so, check that the environment under **Choose an environment** reflects the operating system on your machine, then copy the command in the box below and paste it into a terminal window. Run the command. -7. Once the command has finished running, your connector will appear in Zero Trust. +7. Once the command has finished running, your connector will appear in Cloudflare One. ![Connector appearing in the UI after cloudflared has run](~/assets/images/cloudflare-one/connections/connect-apps/connector.png) diff --git a/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx b/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx index b7f347efadc553..786d4189a03665 100644 --- a/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx +++ b/src/content/partials/cloudflare-one/tunnel/enable-gateway-proxy.mdx @@ -8,8 +8,8 @@ To start logging and filtering network traffic, turn on the Gateway proxy: -1. Go to **Settings** > **Network**. -2. In **Firewall**, turn on **Proxy**. +1. Go to **Traffic policies** > **Traffic settings**. +2. In **Proxy and inspection**, turn on **Allow Secure Web Gateway to proxy traffic**. 3. Select **TCP**. 4. (Recommended) To proxy traffic to internal DNS resolvers, select **UDP**. 5. (Recommended) To proxy traffic for diagnostic tools such as `ping` and `traceroute`, select **ICMP**. You may also need to [update your system](/cloudflare-one/traffic-policies/proxy/#icmp) to allow ICMP traffic through `cloudflared`. diff --git a/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx b/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx index 76e096c3de233c..b4fc070e092651 100644 --- a/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx +++ b/src/content/partials/cloudflare-one/tunnel/troubleshoot-private-networks.mdx @@ -22,15 +22,15 @@ If WARP is stuck in the `Disconnected` state or frequently changes between `Conn This step is only needed if users access your application via a private hostname (for example, `wiki.internal.local`). -- If you are using [custom resolver policies](/cloudflare-one/traffic-policies/resolver-policies/) to handle private DNS, go to your Gateway DNS logs (**Logs** > **Gateway** > **DNS**) and search for DNS queries to the hostname. +- If you are using [custom resolver policies](/cloudflare-one/traffic-policies/resolver-policies/) to handle private DNS, go to your Gateway DNS logs (**Insights** > **Logs** > **DNS query logs**) and search for DNS queries to the hostname. -- If you are using [Local Domain Fallback](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/local-domains/) to handle private DNS, go to your Gateway Network logs (**Logs** > **Gateway** > **Network**) and search for port `53` traffic to your DNS server IP. +- If you are using [Local Domain Fallback](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/local-domains/) to handle private DNS, go to your Gateway Network logs (**Insights** > **Logs** > **Network logs**) and search for port `53` traffic to your DNS server IP. If there are no relevant Gateway logs, it means that WARP was unable to forward the query to your private DNS server. Check your resolver policies or Local Domain Fallback configuration and refer to [How WARP handles DNS requests](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/#how-the-warp-client-handles-dns-requests). ## 3. Is network traffic to the application going through WARP? -Next, check if your Gateway Network logs (**Logs** > **Gateway** > **Network**) show any traffic to the destination IP. +Next, check if your Gateway Network logs (**Insights** > **Logs** > **Network logs**) show any traffic to the destination IP. If WARP is connected but there are no network logs, it means that your private network IPs are not routing through WARP. You can confirm this by [searching the routing table](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/warp-architecture/#routing-table) on the device for the IP address of your application. Traffic to your application should route through the Cloudflare WARP interface. If another interface is used, [check your Split Tunnel configuration](/cloudflare-one/networks/connectors/cloudflare-tunnel/private-net/cloudflared/#3-route-private-network-ips-through-warp). @@ -38,7 +38,7 @@ If WARP is connected but there are no network logs, it means that your private n To check if a Gateway block event occurred: -1. Go to **Logs** > **Gateway** and select the **DNS**, **Network**, or **HTTP** tab. +1. Go to **Insights** > **Logs** and select the **DNS query logs**, **Network logs**, or **HTTP request logs**. 2. Apply the following filters: - **Email**: User's email address - **Event**: _Blocked_ @@ -49,13 +49,13 @@ To check if a Gateway block event occurred: Determine whether the user is matching any policy, or if they are matching a policy that has a higher priority than the expected policy. 1. To determine the actual policy that was applied: - 1. Go to **Logs** > **Gateway** and select the **DNS**, **Network**, or **HTTP** tab. + 1. Go to **Insights** > **Logs** and select the **DNS query logs**, **Network logs**, or **HTTP request logs**. 2. Apply the following filters: - **Email**: User's email address - **Date Time Range**: Time period when the user accessed the application 3. In the search box, filter by the destination IP or FQDN. 4. In the results, select a log and note its **Policy Name** value. -2. Go to **Gateway** > **Firewall Policies** and compare the [order of enforcement](/cloudflare-one/traffic-policies/order-of-enforcement/) of the matched policy versus the expected policy. +2. Go to **Traffic policies** > **Firewall policies** and compare the [order of enforcement](/cloudflare-one/traffic-policies/order-of-enforcement/) of the matched policy versus the expected policy. 3. Compare the Gateway log values with the expected policy criteria. - If the mismatched value is related to identity, [check the user registry](/cloudflare-one/insights/logs/users/) and verify the values that are passed to Gateway from your IdP. Cloudflare updates the registry when the user enrolls in the WARP client. If the user's identity is outdated, ask the user to re-authenticate WARP (**Preferences** > **Account** > **Re-Authenticate Session**). diff --git a/src/content/partials/cloudflare-one/tunnel/warp-connector-install.mdx b/src/content/partials/cloudflare-one/tunnel/warp-connector-install.mdx index a9c113731e083f..05279860dbf502 100644 --- a/src/content/partials/cloudflare-one/tunnel/warp-connector-install.mdx +++ b/src/content/partials/cloudflare-one/tunnel/warp-connector-install.mdx @@ -6,13 +6,13 @@ import { Details, GlossaryTooltip } from "~/components"; To install WARP Connector on a host machine: -1. In [Zero Trust](https://one.dash.cloudflare.com), go to **Networks** > **Tunnels**. +1. In [Cloudflare One](https://one.dash.cloudflare.com), go to **Networks** > **Connectors** > **Cloudflare Tunnels**. 2. Select **Create a tunnel**. 3. For the tunnel type, select **WARP Connector**. 4. You will be prompted to turn on **Warp to Warp** and [**Override local interface IP**](/cloudflare-one/team-and-resources/devices/warp/configure-warp/warp-settings/#override-local-interface-ip) if they are currently turned off. These settings allow Cloudflare to assign a unique CGNAT IP to each WARP device and route traffic between them. 5. Give the tunnel any name (for example, `Subnet-10.0.0.0/24`) and select **Create tunnel**. 6. Select the operating system of your host machine. -7. On your host machine, open a terminal window and run the commands shown in the Zero Trust dashboard. Those commands will install the WARP Connector, enable IP forwarding on the host, and connect WARP Connector to your Zero Trust organization. +7. On your host machine, open a terminal window and run the commands shown in Cloudflare One. Those commands will install the WARP Connector, enable IP forwarding on the host, and connect WARP Connector to your Zero Trust organization. :::note[Remote SSH connections] diff --git a/src/content/partials/cloudflare-one/warp/service-token-enrollment.mdx b/src/content/partials/cloudflare-one/warp/service-token-enrollment.mdx index de794b7a088157..6e1653d6bba13a 100644 --- a/src/content/partials/cloudflare-one/warp/service-token-enrollment.mdx +++ b/src/content/partials/cloudflare-one/warp/service-token-enrollment.mdx @@ -11,7 +11,7 @@ import { Tabs, TabItem } from '~/components'; 2. Copy the token's **Client ID** and **Client Secret**. -3. Go to **Access** > **Policies** and create the following policy: +3. Go to **Access controls** > **Policies** and create the following policy: | Rule Action | Rule type | Selector | Value | | ------------ | --------- | ------------- | -------------- | diff --git a/src/content/partials/cloudflare-one/warp/vpn-ip-traffic.mdx b/src/content/partials/cloudflare-one/warp/vpn-ip-traffic.mdx index 4343c0f1e30d0d..de70954cb56a9f 100644 --- a/src/content/partials/cloudflare-one/warp/vpn-ip-traffic.mdx +++ b/src/content/partials/cloudflare-one/warp/vpn-ip-traffic.mdx @@ -3,7 +3,7 @@ --- -Perform these steps in [Zero Trust](https://one.dash.cloudflare.com/). +Perform these steps in [Cloudflare One](https://one.dash.cloudflare.com/). 1. Set your [Split Tunnels mode](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#change-split-tunnels-mode) to **Exclude IPs and domains**. 2. [Add the following entries](/cloudflare-one/team-and-resources/devices/warp/configure-warp/route-traffic/split-tunnels/#add-a-route) to your Split Tunnel Exclude list: diff --git a/src/content/partials/cloudflare-one/warp/warp-sessions-gateway.mdx b/src/content/partials/cloudflare-one/warp/warp-sessions-gateway.mdx index 417fcc8e11b8b2..c1d39c8cb5b2c4 100644 --- a/src/content/partials/cloudflare-one/warp/warp-sessions-gateway.mdx +++ b/src/content/partials/cloudflare-one/warp/warp-sessions-gateway.mdx @@ -13,7 +13,7 @@ To configure a session timeout for a Gateway policy: -1. In [Zero Trust](https://one.dash.cloudflare.com/), go to either **Gateway** > **Firewall Policies**. Choose either **Network** or **HTTP**. +1. In [Cloudflare One](https://one.dash.cloudflare.com/), go to either **Traffic policies** > **Firewall policies**. Choose either **Network** or **HTTP**. 2. Add a policy and select the *Allow* action. Alternatively, choose any existing *Allow* policy. 3. Under **Step 4 - Configure policy settings**, select **Edit** next to **Enforce WARP client session duration**. 4. Enter a session expiration time in `1h30m0s` format and save.