Prohibited IP through a Tunnel?
I'm getting this indication of some conflict. It recommends checking the A records for the "api" subdomain. The "api" subdomain DNS record points to a long string of text because it's proxying through a tunnel. So there is no A record to check; it's a CNAME generated by the tunnel setup process.
A little context: I'm trying to self-host from my house using Cloudflare to tunnel and for DNS.
The setup looks like this:
- The main example.com DNS entry points to a tunnel with the private side being the shared IP (/32) of 2 load balancers in the network that serve from 2 web servers behind them. This part works fine.
- Then there is a CNAME entry pointing to a second tunnel with the private side being the private IP (/32) of an api server in the same LAN. This does not work. I get either 403 or 1000 errors.
I tried disabling all the WAF custom rules. Also tried making a SKIP all rule for anything coming from my public IP.
This seems like it should be a fairly straightforward setup. I'm sure I'm missing something small.
I appreciate any insight or leads.
