Internally hosted domain SSL issue due to route not hitting CloudFlare

Hello all,
I am wondering if someone might be able to make a recommendation. I have a subdomain which I am hosting internally, but I am using CloudFlare’s Full SSL mode. As such, the SSL connection only works between CF and the domain name’s destination server.

This works great externally, but when I try to hit it internally, the trace is going from the PC to the gateway, then it hits the external IP then comes back in to the internal IP of the server.

Is there a way to force the request to make the full trip to CloudFlare first then back here? I asked on the Fortinet subreddit as well, as my firewall is Fortigate FW60DP, but I am not quite sure if this is something I can/should handle within the CloudFlare settings or not.

Thanks,

This sounds like a DNS issue. Public DNS should return Cloudflare IP addresses for your proxied site. But if you have some sort of internal DNS system, it may be providing the origin IP address instead.

It looks like the issue ended up being the fact that I turned off the proxy feature at some point in the last day or two when I was testing something else out and didn’t remember to turn it back on. All is well now that I did. 👍
