Can Cloudflare Tunnels use the CNAME protocol to access domain names that are not in Cloudflare?
If someone is setting up a
CNAME towards one of your domain names, they would typically end up with the
1014 CNAME Cross User Banned error.
That be, unless you have actually configured your Cloudflare account to also act on behalf of the origin of the
CNAME, such as for example via Cloudflare for SaaS.
That should, to my knowledge, not make any difference regardless if the origin is behind a Cloudflare Tunnel or not.
SaaS has been used, but it is still an error, Cloudflare Tunnels does not seem to support binding domain names that do not stay in Cloudflare. What should I do if I want to use cname to access an off-site domain name?
You cannot use Tunnels to access another domain name… probably not in the way you’re thinking.
When you have a
www record pointed at your tunnel, it sends all traffic for
www.domain.tld to the tunnel connector. At the end of that connection, either the machine running the tunnel needs to be running some sort of service to listen for the connection, or the tunnel connector (cloudflared) needs to be told how to direct that traffic through a local network.
I suppose it’s possible if you install a proxy server on the device with the tunnel connector, and configured the proxy server to fetch from another location. But with Cloudflare products only, I don’t believe so.