Workshop
- Identity provider
- WARP and device posture
- Cloudflare Tunnel
- Access and Private Network
- Browser isolation and App launcher
- Digital experience monitoring
yahoo.com
using RBIMake sure your WARP client is connected and open yahoo.com. The page will probably load as normal, so how do you know it’s using RBI? One way to confirm is right-clicking anywhere on the page. Your browser’s default context menu will be replaced by RBI’s.
And since we’ve disabled keyboard, another way to test the page is being rendered by RBI is to press any key. You should see an error.
For this next exercise, let’s enable clientless RBI that can be used without WARP.
Additionally, let’s also lock one of our existing apps and only allow traffic to it if it was filtered by our organization’s Cloudflare Gateway. Then it will have to be accessed either through WARP or by using RBI.
Allow
. Under Include
, grant permission to your email address and SaveNext, have WARP client check that Gateway is being used.
Finally, we’ll make our existing intranet app accessible only through Gateway.
Include
rule, add a new Require
rule with Selector set to GatewayNow try to access the intranet URL from your VM with WARP turned on: https://intranet.<YOUR_DOMAIN>
This will work and intranet will load, because this request through WARP uses Gateway and the Selector you just created passes.
Now turn off WARP and try reloading the page.
You should see a Forbidden failure message.
This is because your request no longer uses Gateway, and the Selector created above now fails.
Let’s now use clientless RBI to send the request through Gateway, even without WARP. Navigate to your Clientless Web Isolation URL https://<LAB_SLUG>.cloudflareaccess.com/browser
and login.
Then use the RBI browser to navigate to your intranet URL intranet.<LAB_SLUG>.cfiq.io
.
The AcmeCorp’s intranet should now successfully open because RBI sent the request through Gateway. Try again the right-click check to confirm the page was rendered through RBI.
Everyone
policy for simplicity, but feel free to test out whatever rule definitions you’d likehttps://<LAB_SLUG>.cloudflareaccess.com/browser
, then click Add application.https://<LAB_SLUG>.cloudflareaccess.com
Next to all of the Applications you’ve previously defined, you should now also see a tile representing your Browser Isolation bookmark.
Now, all of your users can access RBI effortlessly!