Currently I am trying to secure my publicly reachable services with Cloudflare, and almost everything looks good.

But a big problem which I have now is with Synology Drive hosted on my NAS, which needs HTTPS and WebSockets over port 6690 to work. I have an NPM in front of the NAS configured with Cloudflare origin certs which proxies the connection from the internet to the NAS.

If I am using a DNS entry which is not proxied through Cloudflare, I am also able to access the Synology Drive with its client without problems. But as soon as I activate the proxy, no connection is possible anymore.

I can’t change this port, as it’s hardcoded in the application.

Is there a way to get this working?

drive.example.com → withOUT CF proxy → Port 6690 TCP → NPM → Synology Drive (NAS) => working
drive.example.com → WITH CF proxy → Port 6690 TCP → NPM → Synology Drive (NAS) => NOT working

This problem came up as I implemented the origin certs into the NPM over the last few days and was not able to connect with local DNS entries directly to the NAS from local anymore over the proxy.


  1. Make sure there is a valid SSL certificate or use Cloudflare Origin CA Certificate
  2. Make sure the SSL/TLS option is set to “Full Strict SSL”
  3. Make sure WebSockets feature is enabled at Cloudflare dashboard
  4. Use WSS scheme

Regarding the ports and proxy mode, I am afraid the port you are using cannot be proxied.

Kindly feel free to check the article below for which ports are supported and compatible with the Cloudflare proxy mode :orange: :

Otherwise, I’d suggest you change the port to one of the supported and compatible ones, or else maybe it can be done by using Cloudflare Spectrum - but that might cost you too much, as it’s a NAS and I assume there would be a lot of ongoing data download/upload, right? :thinking:

As this whole topic is only a private thing, I don’t think that Spectrum would be the solution for me :frowning: It’s not much data which is synchronized between the devices and the NAS, but with the Origin certificate in place I am not able to connect even from local to the NAS anymore and that’s a big problem…

I think the only solution is to remove the origin certificate again :frowning:

Cloudflare’s Origin Certificates are only meant to be used between Cloudflare and your origin server, and they aren’t trusted by your browser or operating system. I would recommend configuring NPM to issue a Let’s Encrypt certificate instead if you want to connect locally.

This is what I have done before :smiley: I just changed that on the weekend because the NPM was not able to renew the Let’s Encrypt certs anymore behind the Cloudflare Proxy… :frowning:

EDIT: Funny thing… I just completely removed the Let’s Encrypt certs, and was able to recreate them with Cloudflare Proxy ON and also to renew them… I don’t know what the problem was… :smiley:

