All Collections
Hacking
Gateway - Hackers
Configure Client for a Specific Program
Configure Client for a Specific Program

For Gateway V2

Updated over a week ago

These guides assume you already have the WARP Client installed. If you don't, please go to: Warp Client Install

To find the Cloudflare team name needed for this configuration, you can navigate to the Gateway overview page, as specified here.

Configuration

Windows

  1. Go to Account preferences in the client, and click Login with Cloudflare for Teams.

  2. Fill in the team name and click OK:

  3. Login to the WARP authentication website (pops up automatically). Use your whitelisted "@wearehackerone.com" email address.

    1. Note: Please use your @wearehackerone.com alias.

  4. Authentication successful, register client into the program

  5. Click the "Open Cloudflare WARP" button

  6. Client changed

    1. The client should now display "Zero Trust" instead of "WARP"

macOS

  1. Go to Account preferences in the client.

  2. Click the Account tab, then click Login with Cloudflare Zero Trust.

  3. Fill in the team name and click Done:

  4. Login to the WARP authentication website (pops up automatically). Use your whitelisted "@wearehackerone.com" email address.

    Note: Please use your @wearehackerone.com alias.

  5. Authentication successful, register client into the program

  6. Click the "Open Cloudflare WARP" button

  7. Client changed

  8. The client should now display "Zero Trust" instead of "WARP"

Linux

  1. To connect for the very first time you must register first warp in your system. Register the client

    warp-cli register

    Note: (Repeat in case of API error)

  2. Convert WARP to Zero Trust, by logging into the team domain

    warp-cli teams-enroll [team-name]

  3. Navigate to the domain page, add your whitelisted e-mail address, get the one-pin, and connect

    A browser window should open at the following URL: https://[team-name].cloudflareaccess.com/warp If the browser fails to open, please visit the URL above directly in your browser.

    Note: Please use the same email you registered with HackerOne.

    1. CLI-only login Alternatively if you have CLI-only access you can:

      warp-cli teams-enroll [team-name]


      After this open the URL listed in the output on your local machine, or via a terminal-based browser. Then within 30 seconds of authenticating. Copy the token and use it in the terminal:

      warp-cli teams-enroll-token com.cloudflare.warp://[team-name].cloudflareaccess.com/auth?token=[token]

    2. If the timer runs out before you enter the token you will get the following error:

      Error: Invalid JWT provided.

  4. Connect the WARP Client

warp-cli connect warp-cli status -> Must show "Status update: Connected" warp-cli account -> will show if connecting to account was successful

Troubleshooting

Split tunnel policy

It is possible to check the split-tunnel policy from the client.

  1. In Settings go to Advanced

  2. Click on the button Split Tunnel

The same is possible from the command line:

warp-cli settings

Which will return something like

$ warp-cli settings Merged configuration: Always On: true Switch Locked: false Mode: WarpWithDnsOverHttps Cloudflare for Families: Off Disabled for Wifi: false Disabled for Ethernet: false Gateway Id: [gateway_id] Onboarding: true Include mode, with hosts/ips: ifconfig.me Fallback domains: home.arpa ...

Related Articles
HackerOne Gateway V2
Installing the CloudFlare Warp Client
November 2023 Changelog
Did this answer your question?