Error 1000 DNS points to prohibited IP (using cloudflare tunnel)

I setup a tunnel in cloudflare’s zero trust and have it running pointed at my nodejs webserver. Cloudflare automatically created a CNAME record pointed at that tunnel for me, however, when I try to visit that page, I get a code 1000 error:

I don’t have any A records for this domain right now- only the tunnel’s CNAME and my mail service. Is there any way to fix this error?

Thank you!

Another observation of mine worth noting is that the tunnel works fine when I don’t connect it to a cloudflare account or domain name (i.e. use the free tunnel without an account). The issue only comes about when I try to have the tunnel go to my domain name on cloudflare’s DNS.
Here’s a screenshot of the attempt (working) when I don’t connect it to an account [sorry for all of the burred out lines- I don’t want to leak my IP]:

I’m unable to send another attachment on this message because I’m a new user so I’ll send the other screenshot in my next reply.

This is what my console looks like when I run it with my domain and the tunnel

To anyone who comes across this issue in the future:

After working on this for a little under a day, I found the fix. Clear your DNS records completely and then create a new tunnel on the Zero Trust website. After that, install cloudflared (I installed the windows .msi file). Once you have done that, follow these instructions:

  1. Set your public hostname to your domain name (example . com) and set the service to your server address with the port and protocol (https:// 111 . 111 . 111 : 443).
  2. Click on your public hostname in that same menu and hit configure. Then hit additional application settings. Make sure No TLS Verify is checked.
  3. Press the save hostname button on the bottom of that page
  4. Navigate to the overview page for that tunnel and copy the windows cloudflared command and follow those instructions.
  5. Run the command “cloudflared.exe tunnel run {insert your tunnel id here}” to start your server

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.