I have tested migration of command line configured tunnels to the dashboard UI configuration. There is a UI bug when using the optional domain path. The path is ignored with standard domain path strings. It always attempts connect to the first ingress rule “rule 0”. There is a simple workaround to resolve, which needs the path to have an extra preceding “/” even though the UI already shows the slash separator.
Debugging on the server with the following confirms the issue cloudflared --loglevel debug tunnel run
The client ssh config:
Host example-ssh2
Hostname sshservers.example.come/ssh2
ProxyCommand /usr/local/bin/cloudflared access ssh --hostname %h
User user1
IdentityFile ~/.ssh/id_priv
The old YML on server configuration which works fine:
ingress:
# Rules map traffic from a hostname to a local service:
- hostname: sshservers.example.com
path: /ssh1
service: ssh://localhost:22
- hostname: sshservers.example.com
path: /ssh2
service: ssh://192.168.100.100:22
- hostname: sshservers.example.com
path: /ssh3
service: ssh://192.168.100.200:22
Does not work:
Workaround with an extra preceding path slash seperator:
