Same here, I have previously running tunnel which failed once I updated the ingress rules. I tried:
- re-creating the whole thing
- changing protocol (http2, quic, etc)
- lowering
- enabling caching dev mode
- setting
Security LeveltoEssentially Off - disabling
Browser Integrity Check - added a “everyone/bypass” access rule
- rollback to version down to 2022.10.x
The tunnel is used inside a kubernetes cluster so I also tried:
- routing directly to the pod
- routing to the service (non tls)
- routing to ingress controller with internal tls (no verify)
- routing to ingress controller with cloudflared origin tls
Enabling debug / trace logs doesn’t give much more info, the request just never seems to get to the cloudflared process.
I can’t get any extra info with the cf-ray (there are no events logs in the Security => Events view or in the “argo control panel”. So I really can’t figure out where the 403 comes from.
Good thing this is just for self-hosted, wouldn’t want this happen on production server.