Hello, I really need some help accessing my app via cloudfared tunnel. The app is installed on an AWS EC2 Debian machine. I can successfully hit the page using http://[EC2IP]:[port] configured via inbound security rules. I can also successfully setup the cloudflare tunnel and access it via that tunnel and my personal domain and CNAME, but ONLY if I expose all TCP ports for 0.0.0.0/0. Otherwise Cloudflare cannot access the application. I have tried adding the public cloudflare ipv4 ranges (https://www.cloudflare.com/ips/) to the inbound rules, but that does not work either. Can anyone help with this?

EDIT: got it to work! Thank you so much @lilshalom@Lemmylefty@lemmy.world and @voidx@futurology.today !!

  • voidx@futurology.today
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    1 year ago

    Cloudflare tunnel only requires outbound port opened, check if you’ve allowed all outbound ports in EC2 security group (the default VPC should have this already).

    Otherwise it’s probably a misconfiguration reaching the IP/port of the cloudflared service on the EC2. Have you tried checking cloudflared logs? Does your tunnel status show up as healthy?

    • lilShalom@lemmy.basedcount.com
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      He mentioned he was looking at cloudflare logs. So its making an out bound tunnel and when the ec2 firewall is on it doesnt make a connection. If its an outbound tcp connection he should still be able to do a packet capture and see if the handshake is being performed.

    • chandz05@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      The EC2 firewall? I was looking at the systemctl logs for cloudflare, so dunno why I didn’t even think of firewall logs. I should indeed have done that. Let me check that and post an update.