Cloudflare Docs
Cloudflare Zero Trust
Visit Cloudflare Zero Trust on GitHub
Set theme to dark (⇧+D)

Non-identity on-ramps

With Cloudflare Zero Trust, you can isolate HTTP traffic from on-ramps such as proxy endpoints or Magic WAN. Since these on-ramps do not require users to log in to Cloudflare WARP, identity-based policies are not supported.

​​ Set up non-identity browser isolation

  1. Install the Cloudflare certificate on your devices.
  2. Connect your infrastructure to Gateway using one of the following on-ramps:
  3. Enable non-identity browser isolation:
    1. In the Zero Trust dashboard, go to Settings > Browser Isolation.
    2. Turn on Non-identity on-ramp support.
  4. Create HTTP policies to isolate websites in a remote browser:
    1. Go to Gateway > Policies > HTTP.
    2. Build a non-identity HTTP policy using the Isolate action. The following example enables isolation for all web traffic:
      Hostnamematches regex.*Isolate

For more examples, refer to the list of common HTTP policies.