Issues using Tunnel with Traefik

Hi, Cloudflare community.

I set up a Traefik instance in Docker that I want to use for all of my services. In my Traefik instance, I am using SSO via Authelia. I set up a domain in Cloudflare and I have 2 separate subdomains: one for internal services “.lan. mydomain .c0m”, and one for external services “.home. mydomain. c0m”.

I was able to expose my auth entry point with no issues by pointing it at “authelia:9091”. This is now reachable from the outside with no problems. It’s when exposing other internal services where I am experiencing problems.

I obviously want to use SSO externally, so I need to use Traefik. The VM supplying the Cloudflare tunnel is also hosting Traefik and Authelia, but all other services that I want to expose are running in Docker on other VMs.
I have added the DNS names in Pi-hole to point both internal and external DNS names to where Traefik is sitting. This works fine with no issues. Internally, both DNS records resolve as they should.

However, in Cloudflare’s tunnel config, when I add my public hostname and point it at my Traefik-specified DNS entry, I get a Host Error when trying to get to it externally. What am I doing wrong? How does this need to be set up?

I have attached screenshots of the errors I am getting. If anyone is able to help, I would greatly appreciate it. I have spent the past 2 days trying to get this to work with no luck.

I don’t know if it helps or not, but I ended up setting the Origin Server Name as “*.yourdomain.com” and setting No TLS Verify as true in TLS settings in the tunnel public hostname settings.
My Traefik config might also be allowing the no TLS verify part, but I am not sure.
Maybe you can try playing around to move forward.
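
For reference, the two origin TLS settings named in the reply above, written as a locally managed `cloudflared` `config.yml` (an added example, not configuration posted by anyone in this thread). The hostnames, the tunnel ID placeholder, the `traefik:443` service address, and the assumption that Traefik serves a certificate valid for the public hostname are all illustrative; only `authelia:9091` comes from the original post.

```yaml
# Assumed layout: cloudflared runs on the same Docker network as Traefik
# and Authelia, so the container names resolve. All names are placeholders.
tunnel: <TUNNEL-UUID>
credentials-file: /etc/cloudflared/<TUNNEL-UUID>.json

ingress:
  # Auth portal pointed straight at the Authelia container, as in the post
  # (the http:// scheme is an assumption).
  - hostname: auth.home.example.com
    service: http://authelia:9091

  # Other services go through Traefik so the SSO middleware applies.
  # cloudflared connects to "traefik", but Traefik routes on the Host
  # header and presents a certificate for the public name, so the name
  # used for SNI and certificate validation has to be set explicitly.
  - hostname: app.home.example.com
    service: https://traefik:443
    originRequest:
      # Name expected in the origin certificate (dashboard: "Origin Server Name").
      originServerName: app.home.example.com
      # Keep certificate validation on when Traefik has a valid certificate
      # for the name above (dashboard: "No TLS Verify" off).
      noTLSVerify: false
      # If Traefik uses a certificate from a private CA, trust that CA
      # instead of disabling verification (path is a placeholder):
      # caPool: /etc/cloudflared/private-ca.pem

  # Variant described in the reply: skips validation of the origin
  # certificate entirely, so any certificate is accepted on the
  # cloudflared-to-Traefik hop.
  # - hostname: app.home.example.com
  #   service: https://traefik:443
  #   originRequest:
  #     noTLSVerify: true

  # Required catch-all rule.
  - service: http_status:404
```

For a tunnel managed from the dashboard, the same fields appear under the public hostname's TLS settings rather than in a file.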