400: Bad Request When accessing tunnel via domain name

Zero Trust Cloudflare Tunnel
1

400: Bad Request
I have followed all the instructions. All of the install went well. Created a new domain name , Used that domain name in the config. Tunnel looks great on the Cloudflare side and no errors in the logs on the Home Assitant side. Logs say successfully connected to tunnel. Everything looks fine. Just returns 400 when I want to access the domain name from the outside world.
I have added this to the yaml as instructed:
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24

In the HA Cloudflare add on configuration for External Home Assistant Hostname I put in the new domain name. Is this correct?
When testing in the browser I have tried domaiunname and also domainname:8123
IS there anything I need to do with ports?
When I receive 400 I see nothing in the Add On logs. No error. But no success either.
I have a 4g router, with the usual CGNAT issies, so that is why I have gone down this Cloudflare path.
What have I done wrong?
Any suggestions.
How can I debug this?

2

Hi,at first my engl is not good and anything I’m using the Google translater .

I’m new here, I don’t see when you wrote the post but there is no answer to be found here. I have ensure the same problem as you described.

It would have worked immediately at the beginning, even I put the tunnel from local on dashboard. Everything went well. Suddenly, I didn’t do anything, I think. Since now 6 days I am completely with the nerves at the end. I did everything possible to get the tunnels running .umpteen times created and deleted, hundreds of times caches and cookies deleted .local tunnels ,extender tunnels created. I have partly gone through 2 days and did not sleep anything eaten, me even Had to write sick because I am broken. Nobody helps me, support wants a lot of money for possibly the only important answer whether something was changed at Cloudflare. I can’t explain it any other way.

I’m new but before I don’t know what to do and am about to have a nervous breakdown and And then please do help. As it looks like I’m not the only one umd as I see you didn’t get an answer
I even left my providers in Germany, let my domain .de delete so that I have all this at Cloudflare. Well I bought domain directly from Cloudflare for 5 years and now I have nothing and I need this damn tunnel because I have to access home assistant on the go now I’m sick and it run and certificate of Arz
But also today 24h
Tunnel takes traffic and status HEALTHY .If I start 400 bad reque
Will sacrifice one more night for an fccx tunnel and tomorrow I will get through. Am completely with the nerv on the end .

Today I even downloaded the Windows tool and tried to get the tunnel with it. Then always stands you need new security token… Everything I have done and without success.
I hope I can still make use of the right of withdrawal and am already in conversation with my German provider and I go away from here, because support is only available here for a lot of money

Sorry I couldn’t help you either but at least you are not alone and there are others me this problem .but with me it works Already to the health … LG I have to keep trying to build tunnels in the hope that once is running .

3

I hope I have a solution soon. I don´t want to spend many days on this, I have already spent a few hours. I have read every thing online.
Now I hope someone can help. Even with suggestions on how to trace or debug this.

4

Just noticed this error
2023-03-29 23:57:36.138 ERROR (MainThread) [homeassistant.components.http.forwarded] A request from a reverse proxy was received from 172.30.33.0, but your HTTP integration is not set-up for reverse proxies

But my Yaml has this
http:
use_x_forwarded_for: true
trusted_proxies: 172.30.33.0

5

OH Just realised my problem!!!
I put the http proxies yaml code in the wrong yaml. I added it to the add on but should have been /config/configuration.yaml

6

Hi,I have now deleted everything and formatted hard drive and Linux debian operating system. I installed homeassistant in a VM as OS HA. OS 9.5.

I have Cloudflare connector 3023.3.1 Installs then Linux debian and 65 bit code with the selection installed that Cloudflare 2023.3.1 is installed. Everything works and connected is displayed. Then I listed my domain purchased from Cloudflare under public hostname. After saving, comes again:
Status HEALTHY and I’m not can open my homeassistant Remote .It’s the same as before. All the work was in vain. No matter if I install Cloudflare connector or under Windows VM the HA Cloudflare adon ,even formatting the entire hard drive of my laptop and installing Linux has brought absolutely nothing. Still status healthy and error 400.

When I had installed HA for the very first time and I had meme domain at Strato in Germany and Cloudflare only used as a tunnel everything worked. Then I wanted to have everything at Cloudflare, canceled my German domain and bought a new one at Cloudflare and at the beginning of a few days, the

I don’t know what I can do anymore, I’ve deleted tunnels umpteen times day and night, deleted DNS, deleted smartphone cache and DNS, made umpteen changes in my telekom router and now my IP TV is also broken and can no longer start, I have reset the router and much more. After umpteen days and nights without sleep, I am now broken myself and ripe for fir
It can’t be on my side, I’m not an idiot myself, I have over 20 years in IT

The only thing I have left now is Cloudflare to make use of my possibly existing right of withdrawal and to look for another provider to help me and to get my homeassistant up and running remotely. That’s all I need .just a normal tunnel to get to my homeassistant. If necessary, I buy the cloud at HOMEASSISTANT if
I think that Cloudflare has created something wrong for me and I am now nervously broken in addition. I’m someone who doesn’t stop until it works and I’ve never been into my life I gave up … Now because of a small tunnel iWhich in 3 minutes in Youtube videos installiert ist ,ich mindestens 20x diverse Videos schritt for Schritt korrekt ausgeführt habe , …I could cry!

Can you possibly tell me who I can contact regarding cancellation and deletion of my domain. I bought and paid domain for 5 years and if I can undo that with money back! Or whether there is a guarantee and the contract can undo . I don’t have the time and nerves anymore. Would be very cool if you have information and contact person of the management .?

Regards
Franky

7

Screenshot_20230404_205807_Chrome
Screenshot_20230404_205807_Chrome1812×2176 194 KB

8

Make sure you put http proxies yaml code in /config/configuration.yaml

9

http:
use_x_forwarded_for: true
trusted_proxies: 172.30.33.0

10

Hi ,trust me ,I’m all doing and this entry is avaliable in my yaml config . Really don’t know what to do .have all delete ,windows banned with format c: ,install clean Linux MX Debian ,changed Router ,Smartphone and all browsers to Cloudflare 1.1.1.1 and 1.0.0.1 have delete my homeassistant ,configure now all again without backup and much more …have using the plug in ,later tunnel direkt on Cloudflare ,than with install app and the codes from Cloudflare Tunnel page , now with the API ad one but nothing helps …reset the cache ,DNS all all all don’t bring me one step forward .

The status is always HEALTHY never activ .
Have many hundert times again delete the tunnels delete the DNS from my Domäne what I buy here ,nothing …

Now 3 weeks im can’t using my Domäne for remote login to my homeassistant …I using now a desktop remote app and can login directly to my pc Desktop .
But it’s horrible slow …
I don’t know what is wrong …it’s not on my side I think ,because 5 weeks ago all is working fine …I think here is an update from Cloudflare coming and any people’s can’t works with a tunnel from Cloudflare…

It’s a DNS problem I think
My home is as following:
Laptop with Linux debian ,HA is running as oS in a Linux other 64 bit VM Maschine with Statik IP 192.xxx.2.xxx:8123
Domäne ist mydomäne.uk
Can you tell me what is the right entry’s here on Cloudflare if I create a new tunnel and what the right DNS A and CNAME entry’s and what must I do at home in my router ,smartphone and Linux PC ?and in the homeassistant settings under settings / network or on other places I forgot …XML files or all other that the tunnel is running again as before 5 weeks ?
Thx

Here a log from a Test tool in Internet …I don’t understand this …But maybe you see the error…?

Hostnames or IP addresses:
mydomäne.uk

mydomäne.uk@8.8.4.4 (Default): Copy results to clipboard
. 70986 IN NS a.root-servers.net.
. 70986 IN NS b.root-servers.net.
. 70986 IN NS c.root-servers.net.
. 70986 IN NS d.root-servers.net.
. 70986 IN NS e.root-servers.net.
. 70986 IN NS f.root-servers.net.
. 70986 IN NS g.root-servers.net.
. 70986 IN NS h.root-servers.net.
. 70986 IN NS i.root-servers.net.
. 70986 IN NS j.root-servers.net.
. 70986 IN NS k.root-servers.net.
. 70986 IN NS l.root-servers.net.
. 70986 IN NS m.root-servers.net.
. 70986 IN RRSIG NS 8 0 518400 20230418050000 (
20230405040000 60955 .
pmsORdgM7AuC44ri0FQ9LUVtDP5itybmggpP5ycwMU+d
QjuxDMWxgdT8/6VkyL6TUiNAkO2MzM+Y6om641/fGAww
i4wfbL5/3unvxiXcbo9egdwrT7YL2Sa0WGfYxq+1RT8e
mbnqwp28L2nfo8Ym8B/T04iRFrJOLa5KiS2TcljrtPX1
+uZEmJC//JwWJ5iYq3BqJoWwEK4jnrv4W7SmGGGuuLu4
r7UHvpxLvRsBfs32jqrmpwtBJBwfUjne89UYbZZ5Qhfr
sO49spOGhKZS4xkkBq1jxUz28P7h2oCQgUhDr82dt8v1
FuiWZxZBILdLCDjhEHFWWAVSOs6JEqJKYA== )
;; Received 525 bytes from 8.8.4.4#53(8.8.4.4) in 36 ms

uk. 172800 IN NS nsa.nic.uk.
uk. 172800 IN NS nsb.nic.uk.
uk. 172800 IN NS nsc.nic.uk.
uk. 172800 IN NS nsd.nic.uk.
uk. 172800 IN NS dns1.nic.uk.
uk. 172800 IN NS dns2.nic.uk.
uk. 172800 IN NS dns3.nic.uk.
uk. 172800 IN NS dns4.nic.uk.
uk. 86400 IN DS 43876 8 2 (
A107ED2AC1BD14D924173BC7E827A1153582072394F9
272BA37E2353BC659603 )
uk. 86400 IN RRSIG DS 8 1 86400 20230418200000 (
20230405190000 60955 .
mjmbKi71hfZxpqk4a3JKnwEgCwa8ULuu53H5ppfmDrgu
l2cwloS7ImVb+xvoG/SmsKRnc/YECJXu7Ar+imq7Edfh
BNx40jccP952UM+TJksVsrkV5mNhuTFjOTlca9qdwh66
S5PxZXPk2VMPnzi2dcWqLJUbmG5et0jCsiRyGVqlfuZX
edSmNLBccnjbuYCU9TWkIo9tdkheck41BTvUd4REBmyK
LelSrfMKHRFm6Aq70vnrzz+7DiPWYb6/zqD0wB/XZ1LI
On4Iof3ODqCtfCKcqvkY5JdxJnYYz4VZxitTS3u1xANb
42gYLrBkrSq/FAr4jKpq+cXNSLqGiAqpsQ== )
;; Received 882 bytes from 192.5.5.241#53(192.5.5.241) in 27 ms

mydomäne.uk 172800 IN NS bruce.ns.cloudflare.com.
mydomäne.uk. 172800 IN NS janet.ns.cloudflare.com.
mydomäne.uk 3600 IN DS 2371 13 2 (
96FB26ECBE265D5CD267CA9D20CB1E541A3CA23D18C9
F582802C1CD51D7C646D )
http://mydomäne.uk. 3600 IN RRSIG DS 8 2 3600 20230419083245 (
20230405213107 43056 uk.
qpxEChmMdzrIphXI44gnS71/fZcmYZl0Vj7LEjEVv4Iz
YGvHXGcF96ZoQIjiH1yfnWp33bG/UooG+Nh/3qWQXHuE
MIpqvA58hRMOvz9Zwhjx/pOsRqVQHXPgHAS68yGYJfDy
0ZIcRm2ipQePlVL5viW6qS97zC/N0VpgwK9s03A= )

11

hi, next day nothing solution. one night and day again that i test anything to become runing my tunnel for homeassistant.nobody here that can help me abot about the right DNS. Im new and dont know what i must do here dashboard entrys or at my homeassistant server laptop or at my Router from provider or other places .

the 400 bed request is now not coming but this:
Seite wurde nicht gefunden
Die Verbindung mit dem Server frankxxx.uk schlug fehl.

the tunnel is connected but alway Healty,not ACTIV
all PC, Smartphone, Browsers, Router i changed the DNS to 1.1.1.1 und 1.0.0.1 Cloudflare

this is coming from my Logdatei in HA its if i open my domäne from the Config Page CloudflareL
Logger: homeassistant.components.Cloudflare
Source: components/Cloudflare/init.py:59
Integration: Cloudflare (documentation, issues)
First occurred: 11:31:24 (8 occurrences)
Last logged: 18:31:26
Error updating zone frankhxx.uk: Failed updating DNS records [‘tunnelfl.frankhxxxl.uk’]

i used the HA OS newest and also all other newest:
Home Assistant 2023.4.0 Supervisor 2023.04.0 Operating System 9.5 Frontend 20230405.0 - latest

This is the actual Configuration from the tunnel on Cloudflare:

  1. the Domane:
    TYPE Name Content| Proxy status| TTL Actions
    TYPE A mein.router xx.172.221.xxx Proxied Auto Edit
    TYPE CNAME: tunnelfl xxxx|8b88911 xx-xx Proxied Auto EDIT

  2. The Tunnel;

Basic Information

Tunnel ID
xxxxxxxx111-079e-41f3xxxxxxxxxx

Status
HEALTHY

Routes
Uptime
19 hours

Created
5. April 2023

Connectors

Connector ID
xxxx772-fc66-4bde-afe7-c5xxxxx

Status
Connected

Data centers
DUS, BRU

Origin IP
84.xx.xx.xx1

Version
2023.3.1

so, thats my last cry to help…smile
if anybody found the right solution that the Tunnel is working and i can using HA with remote connection, than if yo in Munich or visit munich we go to a bar / restarant and you are my guest.

12

Can you paste here your Cloudflare yaml file.

13

Hi, i dont found any Cloudflare YAML entrys in the File Editor. I dont using the Adon from HACS. I conected withe the Cloudflare Connector. Its found in normal Menü to ad.

Before i using the Adone but dont works too. Have under win10 now windows is replaxed with Linux MX Debian based…i like!

PS: i add after 10 minutes the DNS to firfox , Firefox works …

means This:
Open Preferences and scroll to the bottom.

Click on Settings inside Network Settings.

Check Enable DNS over HTTPS.

Using the dropdown for Use Provider, choose Custom.

In the Custom field enter

https://xxxxe-gateway.com/dns-queryxxxxxxxxxxxx

and click OK.

Enter about:config in the address bar.

Click on Accept the risk! if you see a prompt from Firefox.

Set network.trr.bootstrapAddress to

162.159.36.5

Set network.trr.mode to 3

And alls this i must doing now for my Router and my Linx PC

14

Use the Cloudflare add on. It is easy. There are you tube videos that make it even easier.
Delete your tunnels and start again and follow the instructions.
And make sure you update the /config/configuration.yaml as instructed.
When done send me this yaml file.

15

Hi thanks for answer ,the adon, you mean from hacs ? This I used at first and it’s works great .this was before I buy a Domäne on Cloudflare .my domain at first was from Strado xxx.de…a standard lokal tunnel I created here on Cloudflare. 2 minutes and works …any days .later I think I go complete to Cloudflare .I chancel my Domäne on Strado ,delete the account and comes here and buy the frankhassfl.uk
From now on the problem is come …I’m absolut beginner in web hosting ,DNS ,Gateway Domäne A, CNAME, token ,API ,SSL key and so on .
The tunnel I migrate from the plugin ,than directly from the Cloudflare site ,than with windows app from here ,than with connector and code …noting works …than I erase and format my laptop …Windows 10 good by and install Linux MX Debian …it’s also the first time Linux system I used …I read much Dokuments ,many hours Youtube Videos …delete hundert again the tunnel ,my DNS entry’s ,created API ,created token than here on trust page I created DNS gateway ,all on my system smartphone ,Browser ,Linux ,Telekom Router I changed with the DNS getaway …this works …but the tunnel …forget it …3 weeks day and night I test test test …don’t sleep ,only short time than my healthy not fine ,I’m going to doctor and 2 weeks I’m at home …now I’m working again …but the tunnel is not status aktiv only healthy and today offline …now I delete all again and don’t no how must I do on the dashboard entry’s on settings Domäne DNS, what name on A and CNAME that the tunnel works …
It was a very big Error that I bought the domain here and did not leave it in Germany at Strato and would have used only the tunnel here. It worked. The biggest mistake I changed. Well I have remote app any desk and go to my laptop to edit from remote my home assistant … It was all in vain all the time and harmed my health. Unfortunately, I bought the domain here in March or at the end of February for 5 years and can not cancel. I will try Finding another provider Where I separate tunnel and domain to possibly be able to use HA again. I have given up any hope that it works with Cloudflare … It made me sick… I am someone who tries everything first myself before I ask for help. You are the only one who tries to help me … neither the hotline nor other people here tried to help me you are the only one!! I’ll make one more attempt here and install the plug-in under hacs from Cloudflare again, but ich kenne die Antwort …Status HEALTHY 400 bad request …

Do you know all Linux Commands to delete everything from Cloudflare running in the background ?
I only know this :
sudo cloudflared service uninstall
Thx and happy eastern …
PS …sorry If I get error in englisch ,because my englisch is not good and any thinks I used Google translater …

PS …the instructions I know by heart. The tunnel was always created correctly and also authorization was OK, but it always stayed with HEALTHY …I think that it’s Beginn with the dashboard entry’s A and CNAME configuration …I don’t know what there must korrekt in the fields …

16

hi robert, now is all destroyed…i gave delete the tunnel than comes that a tunnel with the same name is und A and CNAME zhan i have delete all in dns dashboard …and now i dont know how inclde right my domane name into the dns A or CNAME or what ever…i need a TARGET ? i dont know whatever i insert ip or tunnelfrank nothing works …red eror message…
im nervous angry and more

17

Just delete it all and ad the Cloudflare add on. It is easier. And works.

18

hi, after 4 weeks now im not can using my homeassistant anymore. nothing is works. what yo wrote about the adon…i have zig tausend more installed delete, installed test usw… healty is coming but every time 400 bad reqest.

since 4 days im also not using myn HA local. all is destroyed, my telekom router i have so many changes doing and dont works fine. i open all ports, deaktivad teh smarthome section inside and now the clima dont works, the sensores, keys, lights, my 2 roboter for cleaning, the windows roboter and all other what i have is down und not avalaible. i will reinstall all manal roters and old ligt dimmer that i using light and clima . im frustratet and verry angry that only a tunnel i destroy my live, my healty and im take my samsng fold4 smartphone and have out the window of the street and habe buye a other new but its not works. last but not least i have nothing at this time only chaos in house, dont take food and my doctor have give me anything for my heart and the attacks. i dont know what i can do what i forget to do. format my pc now im using linx debian, have all test all scenario doing to create the tunnel…nothing is help…400 BAD REQUEST ever and ever and ever …ist terrible in my dreams every day.i wrote to the hotline but nobody helps or clean my accout from the old entrys in background.
im so stupid to go here to Cloudflare. before my domäne .de i had on Strato and the tunnel here on Cloudflare…all was working perfect…5 minutes only to setup .than i think i go complett to Cloudflare and have give the original domäne for using free and buye here on Cloudflare a new .uk dömäne with tunnel complete in one hand. later was the plan that will bring my company to cloudflarde, a large company AG , before i want test a little here with simple homeassistant. i privat only need home assistant…have buye at first during a time 5 years. but i cant using .

i will say goodbye you cant help because i doing so much thinks also with terminal code in my linux i will never can restore and dont know what is running in the backgrpund wrong. no dns is open anything…time out local ha is not found and more…i will buy a new domane or hope become a new for free and all laptop, telekom router and so on will bring to recycle and start and test HA from zero …the best i will take a cmplett new appartment…

thx for your help, you the only one that wrote me any letters. no local HA and never since im on Cloudflare i have using the remote…

sorry for my bad english and loosing any buchstaben because the keyboard is at half destroyed…good time for you and all the best, your problem is solved…my is everyday more and more…

this was the last what i found with the mxtools…

Web Server

http:franxxxfl.uk - 1 Tests Failed

Category Host Result
![Status Problem](https://images.mxtoolbox.com/
http franxxxxsfl.uk
The operation has timed out (http://fraxxxsfl.uk)
20

Sorry you cannot fix your problem. Good luck.

22

hi, you are absolutely right, in the end everything was so wrongly configured that only a miracle called KI chatGPT could help. I was able to calmly describe my problems, tell him every point, attach all the protocols in the chat and he gave concrete answers step by step in perfect German. I have never experienced anything like this from a scientific professor at a university. I hope that this AI will soon replace such unnecessary hotlies that only send meaningless text modules and refer to FAQs without a human word on what you write, and despite the AI you think that a real person is answering, which is also a kind of respect and appreciation of the help person looking for it means and not only offers better support in terms of profit optimization…but for people who have a single question and are new customers, simply how unimportant, tend to be a burden, and you feel like the last one…I have now without reinstalling must be able to solve all errors thanks to GPT and receive gane yaml program code within seconds, replaced with my defective ones…and since today the locale HA is working again…I will never contact a hotline again, no matter where, and I won’t stand there again with the feeling to be felt as a supplicant or as a burden.
lg and have a good week