I cannot seem to connect to postgres through its domain name.
Let’s say I’ve created an A record
postgres for my
postgres.example.com points to a cloud LoadBalancer’s IP. I have a zone-level WAF which only allows inbound traffic from a VPN server I have set up somewhere else.
Additionally, I have a Kubernetes cluster running postgres and traefik. There is a Traefik IngressRouteTCP which is configured as follows:

```yaml
entryPoints:
  - websecure
routes:
  - match: HostSNI(`postgres.example.com`)
    kind: Rule
    services:
      - name: my-postgres-service
        port: 5432
```
Which uses a cert I retrieved from Cloudflare as the TLS cert. (I can provide full manifests if required).
Then, I connect to my VPN and try to connect to my postgres instance using a db client. I get the following error:
Connection terminated due to connection timeout
This same config works fine for HTTP/HTTPS traffic (changing only
This doesn’t strike me as a limitation of Cloudflare so much as a misconfiguration somewhere on my end, but I wanted to double check in this community about that. I would also welcome any troubleshooting tips.