Creating Loadbalancer via Cloudflare, KEMP gives error 520

Hi, I tried to follow an youtubers instructions to the letter but i get an 520 error after i want to reach my site.

Here are the steps i followed:

  • This is the video i followed you need to learn Load Balancing RIGHT NOW!! (and put one in your home network!) - YouTube
  • Registered my domain name: cobracore.ml via freenom
  • Installed KEMP via VMWare Player
  • Opened the port 443 on my modem
  • Created an VIP on KEMP and portforwared that IP with my modem (with port 443)
  • Created SSL certificate via KEMP and Cloudflare and installed the Cloudlfare root cert as Intermediate.
  • After this i created a sub VIP for Radarr and Sonarr so that there ip’s are forwarded via 443 to the internet.
  • I’ve set my SSL/TLS from FULL Strict to Full and even OFF (Not secure)
  • When i set my SSL/TLS on Off, than the site works but its not secure enough for me.
  • When i set it back on Full Strict or on only Full and try to open my site on different browsers i get the error 520.
  • The certificate is valid so says sslhopper.com
  • Here is my cdn-cgi information.
fl=373f84
h=cobracore.ml
ip=ts=1639873310.829
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Edg/96.0.1054.53
colo=LHR
http=http/2
loc=NL
tls=TLSv1.3
sni=plaintext
warp=off
gateway=off

I’ve added my public IP to the DNS management in Cloudflare, and enabled proxy:

Is Cloudflare allowed to connect to your origin host / server?:

Or maybe some Firewall is blocking Cloudflare to connect to it?

Is it working over HTTPS or HTTP?

May I ask have you used Cloudflare Origin CA Certificate or generated your own via Let’s Encrypt / Certbot?
Or is it a self-signed certificate?

1 Like

Nevermind, it works now. I disabled the option SSL reencrypt and it now works with all the other settings mentioned. :slight_smile:

2 Likes