Argo Tunnel does not work with Cloudflare for SaaS


Im currently setting up multiple sites over multiple Accounts and to access the backend i use the “Custom Hostnames” feature so i can easily change 1 dns record and all sites will be updated.
This works fine, but when i try using an Cloudflare Tunnel as Record for the Custom Hostnames, all requests fail and trigger the “Catch-All” response from the Tunnel. I can only add domains from my Account to the tunnel so im wondering how i can get it to work with domains that are not on my Account but proxy to my Backend with the Custom Hostnames Feature.

Looking forward for help

I’m not sure if I understood your setup. Are you using a cloudflared tunnel? If so, you can add a network CIDR to the cloudflared tunnel so outgoing connections matching that destination are forced through the tunnel. If you need to override the real DNS record you can add it to the domain fallback list and create that zone on your internal DNS, so it resolves to an IP included in the CIDR forced through the tunnel.

Okay i managed to fix it, can be closed.

So others can learn from your experience, how did you fix it?

For anyone finding this topic in the future, set your Cloudflare Tunnel Catch-All rule in the dashboard to a URL like https://localhost - that’s where your Cloudflare for SaaS origin traffic will be sent. This isn’t obvious in the docs, but I have tested it and it works!

1 Like