Cloudflare Docs
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Add locations

Locations are usually physical entities like offices, homes, retail stores, movie theatres, or data centers. The fastest way to start filtering DNS queries from a location is by changing the DNS resolvers at the router.

To add a location to Gateway:

  1. On the Zero Trust dashboard, navigate to Gateway > Locations.

  2. Click Add a location.

  3. Choose a name for your location.

  4. Enterprise customers can manually enter a Source IPv4 Address. You do not need the IPv4 address field if:

    • Your location only uses IPv6.
    • Users will be sending all DNS requests from this location using DNS over HTTPS via a browser.
    • You will be deploying the WARP client.

    If any of the above apply to your case, click Delete.

  1. (Optional) Toggle the following settings:

    • Set as Default Location sets this location as the default in your DNS policy builder.
    • Enable EDNS client subnet sends a user’s IP geolocation to authoritative DNS name servers. EDNS client subnet (ECS) helps reduce latency by routing the user to the closest origin server. ECS is disabled by default to protect user privacy.
  2. Click Add location.

  3. Change the DNS resolvers on your router, browser, or OS by following the setup instructions in the UI.

    DNS resolver setup instructions on the Zero Trust dashboard

  4. Click Done. Your location will appear under Gateway > Locations.

You can now apply DNS policies to your location using the Location selector.