Create a tunnel (dashboard)
Follow this step-by-step guide to get your first tunnel up and running using Zero Trust.
- 
Log in to Zero Trust ↗ and go to Networks > Tunnels. 
- 
Select Create a tunnel. 
- 
Choose Cloudflared for the connector type and select Next. 
- 
Enter a name for your tunnel. We suggest choosing a name that reflects the type of resources you want to connect through this tunnel (for example, enterprise-VPC-01).
- 
Select Save tunnel. 
- 
Next, you will need to install cloudflaredand run it. To do so, check that the environment under Choose an environment reflects the operating system on your machine, then copy the command in the box below and paste it into a terminal window. Run the command.
- 
Once the command has finished running, your connector will appear in Zero Trust.  
- 
Select Next. 
The next steps depend on whether you want to connect an application or connect a network.
Before you connect an application through your tunnel, you must:
Follow these steps to connect an application through your tunnel. If you are looking to connect a network, skip to the Connect a network section.
- 
In the Public Hostnames tab, select Add a public hostname. 
- 
Enter a subdomain and select a Domain from the dropdown menu. Specify any subdomain or path information. 
- 
Specify a service, for example https://localhost:8000.
- 
Under Additional application settings, specify any parameters you would like to add to your tunnel configuration. 
- 
Select Save hostname. 
The application is now publicly available on the Internet. To allow or block specific users, create an Access application.
Follow these steps to connect a private network through your tunnel.
- 
In the Private Networks tab, add an IP or CIDR. 
- 
Select Save tunnel. 
To configure Zero Trust policies and connect as a user, refer to Connect private networks.
After saving the tunnel, you will be redirected to the Tunnels page. Look for your new tunnel to be listed along with its active connector.
