@Sycotix thanks for the great tutorial here. I followed the instructions as you provided but ran into some problems and am wondering if you or anyone else would have any suggestions.
PROBLEM
I am getting the Cloudflare error page when I browse to my subdomain with error 521 (webserver is down). The web server I want to host on NPM is up and running and I can reach it on the LAN by going to its local IP address. I further did a packet capture on the switch port connecting the NPM server and what I see is that the communication is breaking down at the initial TCP handshake. The Cloudflare server sends a TCP SYN to NPM but NPM responds with a RST. I verified the port forwarding is working correctly and we see destination port tcp/18443.
If I browse to the NPM local IP on port 8080 I do get the congratulations page.
SETUP
I'm using a Cloud Origin CA cert on Cloudflare. I have port forwards on my router for 443 & 80 to go to 18443 & 1880, respectively. My Cloudflare DNS records are set up so that I have an A record for my root domain set to my public IP address and a CNAME for my subdomain. On NPM I added the Origin cert and set up the host with the following settings:
Details
scheme: http
Forward: local IP of server
forward port: 5055
cache assets: enabled
block common exploits: enabled
websocket support: enabled
SSL
force SSL: enabled
HTTP/2 support: enabled
If any other details are needed then please let me know. Any help or advice is much appreciated. Cheers!