dswede43 Posted August 14, 2022 Share Posted August 14, 2022 Hello, Tried posting this on the cloudflare community but it wouldn't let me as "you can't include links in your posts" for some reason, even though I had no links. So here I am posting this here instead. My domain name is stratz.me. I am trying to create various subdomains to connect to my docker container GUIs over the internet via a secure encrypted connection. However, I keep getting 521 errors when trying to connect through https. My server is running unraid OS, reverse proxy is NGINX proxy manager with an origin certificate from cloudflare added to it, my router has port 80/443 forwarded to 180/1443 respectively (HTTP/HTTPS ports of NGINX proxy manager), and cloudflare SSL is set to full (strict). I have 2 questions: 1. My DNS records are shown below: The 1st A record points to my public IP and the 2nd points to the local IP of my unraid server, then I have a CNAME for my jellyfin docker that points to a duckdns domain, which points to my public IP. Could someone tell me if this is correct? 2. I came across another post with a similar issue as me and mentioned adding cloudflare iptables to the server to fix the issue, which included a link to some commands to do this as shown below: # For IPv4 addresses iptables -I INPUT -p tcp -m multiport --dports http,https -s $ip -j ACCEPT # For IPv6 addresses ip6tables -I INPUT -p tcp -m multiport --dports http,https -s $ip -j ACCEPT However, I'm confused as to where I run these commands? Do I open up the command prompt within my unraid server or SSH into the server? Some clarification here would be nice as I am not an experienced linux user. Also of note, when I unproxy my jellyfin CNAME on cloudflare, I no longer get a 521 error but instead get the error code "ERR_SSL_VERSION_OR_CIPHER_MISMATCH". Not sure if this helps but I thought I'd add this detail in regardless. Lastly, here are my results when testing my URL on the cloudflare diagnostics center. DNS results: HTTP results: SSL results: Please guide me as this is my first server I've ever built. Thank you Quote Link to comment
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.