Adding a Cloudflare tunnel to Rancher UI

We normally access rancher via an internal dns name over a vpn. We need to get access to our now dispersed team, and i’m trying to setup a cloudflared tunnel. i think they used to call this Argo tunnel.

The tunnel comes up on an externally resolvable url and I can get Ranchers login screen. However I’m not able to submit the login form as the it appears to submit to the internal dns name, which is unresolvable without the vpn.

the setup looks something like this

GET http://external-hostname
–> Cloudflare Tunnel
–> Container running cloudflared
–> GET http://internal-hostname

Has anyone got Rancher 2’s UI to work in a similar scenario, where the ui works on 2 different hostnames?