Troubleshooting
💡Note
Container connectivity
Check that your container is active. For example, if you're using Docker, you can use the following command to check the status and how long it's been up:
docker ps
Container logs
You can also tail the logs to check for any errors. Here's another Docker example:
docker logs <container name or container id> --tail all
If there isn't enough detail, you can specify the log level you need using the environment variable TUNNEL_LOGLEVEL
when starting a container. We recommend turning off the debug logs, since the debug logs can container sensitive information. The levels correlate to Cloudflare tunnel log levels.
docker run \
--env TINES_TUNNEL_SECRET="secret" \
--env TUNNEL_LOGLEVEL=debug \
tines/tines-tunnel:latest
Tunnel connectivity
Check that your tunnel is healthy using the admin page that lists tunnel health statuses.
Action configuration
Check that your action is configured with the correct URL to your private network system by using curl
from within your container.
If you can see an error in the action log, check the common errors below to help diagnose the issue.
Common Errors
Commonly encountered errors when using a tunnel in your HTTP Request
or Send Email Action
and how to troubleshoot.
TUNNEL_CONNECTION_ERROR
We were unable to establish a tunnelled connection for tunnelName
This may be an issue with either the endpoint being called from the action request or the tunnel being down.
Please check the following:
Your
tines-tunnel
container is active.The tunnel is properly configured and healthy.
The action request endpoint used is a valid hostname and url.
You can see the health status of your tines tunnel by visiting /admin/tunnel
and viewing the tunnel status.
TUNNEL_CONNECTION_ERROR: Exception encountered is: Connection reset by peer - SSL_connect
We were unable to establish a tunnelled connection to the tunnel container or the remote origin behind the tunnel container. This error likely indicates that the TCP/TLS handshake between Tines and the remote origin failed. To remediate the issue please check the following:
Your tines-tunnel container is active.
The tunnel is properly configured and healthy.
You are able to send a
curl
or similar to the remote origin from within the tunnel container.The action request endpoint used is a valid hostname and url.
You can see the health status of your tines tunnel by visiting /admin/tunnel
and viewing the tunnel status. If the issue persists, please reach out to our support team.
TUNNEL_OPEN_TIMEOUT_ERROR
We encountered a timeout while opening the tunnel connection for tunnelName.
This may be an issue with either the endpoint being called from the action request or the tunnel being down.
Please check the following:
Your
tines-tunnel
container is active.The tunnel is properly configured and healthy.
The action request endpoint is a valid hostname and url.
You can see the health status of your tines tunnel by visiting /admin/tunnel
and viewing the tunnel status.
If the tunnel is configured correctly, the server may not be responding promptly.
To troubleshoot further:
Copy your Tines Action as a curl command and run it in your container (on your server).
If it works, it's likely a timeout issue. Increase the timeout on your HTTP Request Action to at least 60 seconds.
SSL_ERROR
An SSL connection error was returned for the request.
SSL certificate verification failed. This may be caused by an outdated SSL certificate, incorrect URL, network issues, or misconfigurations.
To resolve, check the following:
Renew or Update SSL Certificate: Ensure it's current.
Check URL and Parameters of action request are correct.
Network Configuration: Inspect for issues.
Disable SSL verification temporarily: Consider setting
disable_ssl_verification
totrue
, in the action options.
TINES_TUNNEL_SECRET environment variable has an invalid value.
This might happen if you're using Docker secrets to store variables. Check that you're setting a secret-env
at /run/secrets/secret-env.
unknown protocol
If the tunnel is failing to connect to Cloudflare servers, you can try switching to a different protocol using the https://developers.cloudflare.com/cloudflare-one/connections/connect-networks/configure-tunnels/tunnel-run-parameters/#protocol. For some customers, quic does not work but http2 does.