Multiple tunnels for Multiple Different Servers

I am trying to wrap my head around this one …

I would like to configure different subdomains & tunnels for different servers (hosts):


I could get SSH tunnel working on

As soon as I introduced, the tunnel that I intended to create for is also connected to

I read the tunnel-permissions article … So it would appear that the certificate for the top-level domain grants automatically access to ALL tunnels for ALL connected servers.

cloudflared tunnel list shows 2 entries on both hosts.

From the dashboard it would seem that the 2 subdomains point to different IP addresses / hostnames, so it should work.

I can ssh into successfully, but when ssh into I just get

kex_exchange_identification: Connection closed by remote host
Connection closed by UNKNOWN port 65535

Is there a way to achieve what I want, using different subdomains, but keeping the same top-level domain ?

Thank you for your help :smiley:

Can you share a screenshot of your tunnel config? Also, worth checking your WAF events log so something cloudflared can be blocked when it tries to make connections.