Tunnel is active, but not access on the public hostname

hi all,

we have this weird situation here. We created a new tunnel using the zero trust UI, the process is smooth and the UI show the tunnel is “Active” as followed when we completed the process.

We further confirm that the Cloudflared Status as followed

● cloudflared.service - cloudflared
     Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor preset: enabled)
     Active: active (running) since Sat 2022-04-30 16:34:06 +08; 11min ago
   Main PID: 8012 (cloudflared)
      Tasks: 10 (limit: 9259)
     Memory: 9.4M
     CGroup: /system.slice/cloudflared.service
             └─8012 /usr/bin/cloudflared --no-autoupdate tunnel run --token xxxx -- token is removed intentionally -- xxxx

Apr 30 16:34:05 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:05Z INF cloudflared will not automatically update if installed by a package manager.
Apr 30 16:34:05 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:05Z INF Initial protocol quic
Apr 30 16:34:05 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:05Z INF Starting metrics server on 127.0.0.1:40691/metrics
Apr 30 16:34:05 rferatech-nig cloudflared[8012]: 2022/04/30 16:34:05 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.
Apr 30 16:34:06 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:06Z INF Connection d8d95933-82c7-49cd-a700-91aa8708a4d8 registered connIndex=0 location=SIN
Apr 30 16:34:06 rferatech-nig systemd[1]: Started cloudflared.
Apr 30 16:34:06 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:06Z INF Updated to new configuration config="{\"ingress\":[{\"hostname\":\"demoimt-ssh.rfera.asia\",\"originRequest\":{},\"service\":\"ssh://localhost:22\"},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":false}}" version=2
Apr 30 16:34:06 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:06Z INF Connection a3ad09e3-a3ef-42f7-9585-5974972f50c2 registered connIndex=1 location=KUL
Apr 30 16:34:07 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:07Z INF Connection 69bcc58e-496d-4549-8242-3f60a8e97613 registered connIndex=2 location=SIN
Apr 30 16:34:08 rferatech-nig cloudflared[8012]: 2022-04-30T08:34:08Z INF Connection 6e856f3c-a91c-400d-9a28-ff3606d0853e registered connIndex=3 location=KUL

Our question is why can’t we access to https://demoimt-ssh.rfera.asia? when the page opens, it just stay ideal with no content at all, just a blank page. Can someone point us to the right direction to resolve this?

Thank you in advance. Cheers!

How are you accessing? It seems to be a SSH origin, which requires a SSH client.
If I do:

ssh -oProxyCommand="cloudflared access ssh --hostname https://demoimt-ssh.rfera.asia/" -oStrictHostKeyChecking=no -oUserKnownHostsFile=/dev/null demoimt-ssh.rfera.asia/

it asks me for a password, meaning I am connected.

Make sure to check out our tutorials: https://developers.cloudflare.com/cloudflare-one/tutorials/ssh/
Of course you may skip / adjust the steps for using the new Tunnel UI, as you did, rather than doing the set up in the CLI.

Also, our recommendation is that you set up Access in front of this URL, so that you have extra protection and not just the SSH password.

Finally, you can even have the SSH client render in the browser, as per https://developers.cloudflare.com/cloudflare-one/tutorials/ssh-browser/

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.