Cloudflare Tunneled Application 502 error with 404 in Cloudflared


I am kind of new to Cloudflare Tunnels and Zero Trust, but have been managing docker and servers for at least a few years now, if not longer.

I am trying to switch from a Reverse-proxy to Cloudflare Tunnels with Zero-Trust to better secure my network and Self-Hosted applications.

I have Cloudflared set up in a Docker container on my UnRAID server, using a custom network so it can use hostnames to connect to each service. (Cloudflared > Docker Network > Application)

I then have the Zero Trust side set up to connect to the application and proxy to HTTPS with SSO login via AzureAD.

When I go to it loads and authenticates via Microsoft, then goes to a “502” error.

I checked the Cloudflared logs in docker, and it says:
{\"ingress\":[{\"hostname\":\"\", \"originRequest\":{\"access\":{\"audTag\":[\"***************************************\"], \"required\":true, \"teamName\":\"team\"}, \"noTLSVerify\":false}, \"service\":\"http://myapp:8000\"}, {\"service\":\"http_status:404\"}], \"warp-routing\":{\"enabled\":false}}

The odd part is that I can access the application from my local network without issue. I can even use that app’s console to ping the Cloudflared container and it succeeds. There is no issue with the docker network, I use it to connect my services together locally (Like an app to MariaDB, Redis, etc) and it works flawlessly.

There is another error I am seeing in the logs. I have seen at least one other post online from someone who had this error, but there was no solution listed:
ERR Request failed error="error while processing middleware handler AccessJWTValidator: oidc: token is expired
It might be relevant.

Can y’all help me out here?

Ok, I know it’s gotta be the Cloudflared tunnel, I was just able to get into the console for the docker container cloudflared is running in, and it is able to ping and curl all of my services with no issue. Something on cloudflare’s side is the issue here.

I got it! Turns out for some reason Instant token expiry breaks the cloudflared connection. I bumped it up to 15 minutes and it works now.
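An added diagnostic sketch, not from the original poster or from Cloudflare: it decodes an Access JWT (for example one copied from the `Cf-Access-Jwt-Assertion` request header) and reports its lifetime, time remaining, and whether the `aud` claim matches the `audTag` in the ingress config. The sample tokens are constructed and unsigned, and the assumption that an instant-expiry session produces `exp` equal to `iat` is mine; the `expired` test mirrors the "token is expired" condition in the log above.

```python
import base64
import json
import time

def _b64url_decode(segment):
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def inspect_access_jwt(token, expected_aud, now=None):
    """Decode the claims WITHOUT verifying the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected header.payload.signature)")
    claims = json.loads(_b64url_decode(parts[1]))
    now = time.time() if now is None else now
    aud = claims.get("aud", [])
    aud = [aud] if isinstance(aud, str) else list(aud)
    return {
        "lifetime_s": claims["exp"] - claims["iat"],  # how long the token was issued for
        "remaining_s": claims["exp"] - now,           # negative means already expired
        "expired": claims["exp"] < now,               # the condition behind "token is expired"
        "aud_ok": expected_aud in aud,                # must match audTag in the tunnel config
    }

def make_sample_token(iat, lifetime_s, aud):
    # Constructed sample token with a placeholder signature; never a real credential.
    def enc(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    payload = {"aud": [aud], "iat": iat, "exp": iat + lifetime_s}
    return ".".join([enc({"alg": "RS256", "typ": "JWT"}), enc(payload), "constructed-signature"])

if __name__ == "__main__":
    AUD = "constructed-aud-tag"  # placeholder for the redacted audTag value
    issued = 1700000000          # constructed issue time
    arrival = issued + 2         # assume the request reaches cloudflared 2 s later
    for label, lifetime in (("instant", 0), ("15 minutes", 900)):
        token = make_sample_token(issued, lifetime, AUD)
        print(label, inspect_access_jwt(token, AUD, now=arrival))
```

Because the signature is not checked, use this only to read claims while troubleshooting; validation itself stays with cloudflared.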

