502 Bad Gateway with cloudflared on Windows Server

Hi Cloudflare community,

I have a problem with a Cloudflare Tunnel that has ceased working without any known changes to the configuration. Users receive a 502 Bad Gateway error:

The most recent entries in the tunnel.log file are below, but essentially “An existing connection was forcibly closed by the remote host”

{"level":"info","tunnelID":"c8c5505a-b6ef-40f1-b533-c23c5f4272be","time":"2022-02-10T12:02:38Z","message":"Starting tunnel"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"Version 2022.2.0"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"GOOS: windows, GOVersion: go1.17.5, GoArch: amd64"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"Settings: map[cred-file:C:\Windows\System32\config\systemprofile\.cloudflared\c8c5505a-b6ef-40f1-b533-c23c5f4272be.json credentials-file:C:\Windows\System32\config\systemprofile\.cloudflared\c8c5505a-b6ef-40f1-b533-c23c5f4272be.json logfile:C:\Windows\System32\config\systemprofile\.cloudflared\tunnel.log]"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"Generated Connector ID: cd61ffa9-37be-4bce-b157-c05dd47264c0"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"cloudflared will not automatically update on Windows systems."}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"Initial protocol http2"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"Starting metrics server on 127.0.0.1:49488/metrics"}
{"level":"info","time":"2022-02-10T12:02:38Z","message":"cloudflared does not support loading the system root certificate pool on Windows. Please use --origin-ca-pool to specify the path to the certificate pool"}
{"level":"info","connIndex":0,"location":"SIN","time":"2022-02-10T12:02:39Z","message":"Connection 5514eb92-d1d9-46ce-8f3f-984f1682953c registered"}
{"level":"info","connIndex":1,"location":"NRT","time":"2022-02-10T12:02:40Z","message":"Connection 32f0706c-2fd0-4fd8-8255-05cdbd5f266c registered"}
{"level":"info","connIndex":2,"location":"SIN","time":"2022-02-10T12:02:41Z","message":"Connection cc39910a-cd55-43fd-abcb-41c851ece632 registered"}
{"level":"info","connIndex":3,"location":"NRT","time":"2022-02-10T12:02:42Z","message":"Connection 41e66b94-916d-44a8-9beb-bd523159a0f1 registered"}
{"level":"error","error":"Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: read tcp [::1]:49498->[::1]:443: wsarecv: An existing connection was forcibly closed by the remote host.","cfRay":"6db531e44f3a88bb-LHR","ingressRule":"0","originService":"https://localhost:443","time":"2022-02-10T12:03:31Z"}

Things I’ve tried:

  • Restarting cloudflared
  • Updating to the most recent version of cloudflared
  • Checking status of tunnel:
    PS C:\program files\Cloudflare\cloudflared> ./cloudflared tunnel info webportal-tokyo
    NAME: webportal-tokyo
    ID: c8c5505a-b6ef-40f1-b533-c23c5f4272be
    CREATED: 2021-07-09 13:28:55.247845 +0000 UTC

    CONNECTOR ID                          CREATED               ARCHITECTURE   VERSION   ORIGIN IP      EDGE
    cd61ffa9-37be-4bce-b157-c05dd47264c0  2022-02-10T12:02:41Z  windows_amd64  2022.2.0  3.115.238.222  2xNRT, 2xSIN
    PS C:\program files\Cloudflare\cloudflared>

I can see the tunnel is active in the dash portal.

I’m a little stumped, as this is my first time reviewing this product, which was configured by a colleague who has now left. Environment is Windows Server 2016 on AWS EC2. The application is .NET running on IIS and I’m able to hit the URL internally without any issues. The DNS CNAME matches the tunnel ID as per the configuration guide for the service.

Could anyone offer some guidance on next troubleshooting steps please?

Thanks,

Will
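
Added example, not part of the original post: a small Python triage of tunnel.log that separates edge registrations from origin-side errors, so the failing hop is read from the log rather than inferred. The names `triage` and `failing_leg` are hypothetical, and the sample input is constructed from entries quoted in the post plus one truncated line.

```python
import json
import re
from collections import Counter

# Constructed sample input: entries copied from the post plus one truncated line.
SAMPLE_LOG = r'''
{"level":"info","connIndex":0,"location":"SIN","time":"2022-02-10T12:02:39Z","message":"Connection 5514eb92-d1d9-46ce-8f3f-984f1682953c registered"}
{"level":"info","connIndex":1,"location":"NRT","time":"2022-02-10T12:02:40Z","message":"Connection 32f0706c-2fd0-4fd8-8255-05cdbd5f266c registered"}
{"level":"error","error":"Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: read tcp [::1]:49498->[::1]:443: wsarecv: An existing connection was forcibly closed by the remote host.","cfRay":"6db531e44f3a88bb-LHR","ingressRule":"0","originService":"https://localhost:443","time":"2022-02-10T12:03:31Z"}
{"level":"info","time":"2022-02-10T12:0
'''

ENDPOINTS = re.compile(r"read tcp (\S+?)->(\S+?): ")  # local->remote socket pair


def triage(text):
    """Split tunnel.log entries into edge registrations and origin-side errors."""
    edge, origin_errors, skipped = Counter(), [], 0
    for line in text.splitlines():
        if not line.strip():
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # truncated or non-JSON line: count it and keep going
            continue
        if "location" in entry and entry.get("message", "").endswith("registered"):
            edge[entry["location"]] += 1
        elif entry.get("level") == "error" and "originService" in entry:
            m = ENDPOINTS.search(entry.get("error", ""))
            origin_errors.append({
                "time": entry.get("time"),
                "origin": entry["originService"],
                "ingress_rule": entry.get("ingressRule"),
                "local": m.group(1) if m else None,
                "remote": m.group(2) if m else None,
            })
    return {"edge": dict(edge), "origin_errors": origin_errors, "skipped": skipped}


def failing_leg(result):
    """Name the hop that is failing, based only on what the log records."""
    if not result["edge"]:
        return "edge"  # no edge registration was logged
    return "origin" if result["origin_errors"] else "none"


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(failing_leg(report), json.dumps(report, indent=2))
```

On the sample it reports registered edge connections and one error on the hop from cloudflared to `https://localhost:443`, made over the IPv6 loopback address `[::1]`.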