search

cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0
9.4k stars 837 forks source link

RDP Argo tunnel: ERR failed to connect to origin error=“websocket: bad handshake” #410

Open TsunayoshiSawada opened 3 years ago

TsunayoshiSawada commented 3 years ago

So i've been trying to set up Argo tunnel for my dedibox running windows to tunnel my RDP

Issue: when I do it on my test domain weeb.news, this works fine, exact commands, exact cname copy pasted, exact SSL settings on both domains too. Both domains are setup same way and from same registrar as well. When I do it with the domain I want to do it, I get the following error each time.

Things to note: Cloudflared version: cloudflared version 2021.6.0 (built 2021-06-22-1034 UTC) RDP port: 666 (we use a custom port yes)

config.yml

tunnel: censored-id-here
credentials-file: C:\Users\Bots\.cloudflared\censored-id-here.json

ingress:
  - hostname: vega123.animekaizoku.com
    service: rdp://localhost:666
  - service: http_status:404

Command run on server: cloudflared tunnel run Vega Output:

C:\>cloudflared tunnel run Vega
2021-07-07T11:43:36Z INF Starting tunnel tunnelID=censored-tunnel-id
2021-07-07T11:43:36Z INF Version 2021.6.0
2021-07-07T11:43:36Z INF GOOS: windows, GOVersion: go1.16.3, GoArch: amd64
2021-07-07T11:43:37Z INF Settings: map[cred-file:C:\Users\Bots\.cloudflared\censored-tunnel-id.json credentials-file:C:\Users\Bots\.cloudflared\censored-tunnel-id.json]
2021-07-07T11:43:37Z INF cloudflared will not automatically update on Windows systems.
2021-07-07T11:43:37Z INF Generated Connector ID: censored-connector-id
2021-07-07T11:43:37Z INF Initial protocol http2
2021-07-07T11:43:37Z INF Starting metrics server on 127.0.0.1:4979/metrics
2021-07-07T11:43:37Z INF Connection d1bef979-censored registered connIndex=0 location=AMS
2021-07-07T11:43:38Z INF Connection e48768c5-censored registered connIndex=1 location=LHR
2021-07-07T11:43:39Z INF Connection 34af3f50-censored registered connIndex=2 location=AMS
2021-07-07T11:43:40Z INF Connection 4a60e9c8-censored registered connIndex=3 location=LHR

Command run on client: 

C:\Users\Sawada>cloudflared access rdp --hostname vega123.animekaizoku.com --url localhost:789 --loglevel debug
2021-07-07T11:45:39Z INF Start Websocket listener host=localhost:789
2021-07-07T11:45:46Z DBG Websocket request: GET / HTTP/1.1
Host: vega123.animekaizoku.com

2021-07-07T11:45:47Z ERR failed to connect to origin error="websocket: bad handshake" originURL=https://vega123.animekaizoku.com

I cant begin to explain how mind boggling it is to be stuck with this Domain SSL settings: same on both domains (flexible) Universal SSL: On Websockets: On

Same config works if I change animekaizoku.com to weeb.news and fails when I use animekaizoku.com.

This is bizzaire, both domains are hosted on the same cloudflare account. Kindky help, I give up on this.

nmldiegues commented 3 years ago

Both CNAME records (weeb.news) and (animekaizoku.com) point to the same record value?

I am not sure we will be able to diagnose much here without access to your specific account. This is probably best served by cloudflare support, as it may be a zone specific issue and not so much a cloudflared issue.

TsunayoshiSawada commented 3 years ago

Yes, copy pasted the Kaizoku cname on weeb and tested, works.

Tried Kaizoku, error SSL.

I would be very happy to do a discord session with a screenshare if anyone is willing to dig more into this, anytime. I do have a post on CF community support but that's as far as things go at a free level.