Neo4j on Cloudflare Tunnels, Cannot Connect to Python Driver

Hello! I have an instance of Neo4j set up on my server using this docker command:

docker run -d \
  --name neo4j_primekg \
  --publish=7475:7474 \
  --publish=7688:7687 \
  --env NEO4J_AUTH=neo4j/******** \
  --env NEO4J_dbms_security_procedures_unrestricted=apoc.* \
  --env NEO4J_dbms_security_procedures_allowlist=apoc.* \
  --env NEO4J_PLUGINS='["apoc"]' \
  --env NEO4J_dbms_connector_http_enabled=true \
  --env NEO4J_dbms_connector_http_listen__address=0.0.0.0:7474 \
  --env NEO4J_dbms_connector_http_advertised__address=prime-kg.uiuc.chat:443 \
  --env NEO4J_dbms_connector_https_enabled=false \
  --env NEO4J_dbms_connector_bolt_enabled=true \
  --env NEO4J_dbms_connector_bolt_listen__address=0.0.0.0:7687 \
  --env NEO4J_dbms_connector_bolt_advertised__address=prime-kg-bolt.uiuc.chat:443 \
  --env NEO4J_dbms_default__listen__address=0.0.0.0 \
  --env NEO4J_dbms_ssl_policy_bolt_enabled=false \
  --volume=$HOME/neo4j_primekg/import:/var/lib/neo4j/import \
  --volume=neo4j_primekg_volume1:/data \
  neo4j:2025.03.0

This is tunneled through Cloudflare Zero Trust with the following configuration:

#  Public Hostname          Path  Service                Origin Configurations
2  prime-kg.uiuc.chat       *     http://localhost:7475  https
3  prime-kg-bolt.uiuc.chat  *     http://localhost:7688  https

When I navigate to the Neo4j Web Browser, I can connect and run Cypher Procedures.

But when I try connecting to Neo4j via the Python driver, I consistently get this error message:
neo4j.exceptions.ServiceUnavailable: Unable to retrieve routing information
And I was running a basic script like this:

from neo4j import GraphDatabase

# URI examples: "neo4j://localhost", "neo4j+s://xxx.databases.neo4j.io"
URI = "neo4j+s://prime-kg-bolt.uiuc.chat"
AUTH = ("neo4j", "****")

with GraphDatabase.driver(URI, auth=AUTH) as driver:
    driver.verify_connectivity()

Things I've Tried

  • I was using an older version of Neo4j and I've tried updating to the newest version.
  • Using different URLs:
    neo4j+s://prime-kg-bolt.uiuc.chat:443
    bolt+s://prime-kg-bolt.uiuc.chat:443
    neo4j://prime-kg-bolt.uiuc.chat:443
    bolt://prime-kg-bolt.uiuc.chat:443
    neo4j+s://prime-kg-bolt.uiuc.chat
    bolt+s://prime-kg-bolt.uiuc.chat
    neo4j://prime-kg-bolt.uiuc.chat
    bolt://prime-kg-bolt.uiuc.chat
  • Tried exposing TCP for 7688 instead of HTTPS but that didn't make a difference.

Would appreciate any help/pointers with this issue. Thank you!

1 Like

The browser can connect because it is "local2local" (the webservice is on the server, connected to the database).

I think you are advertising the same port for both mapped to localhost (0.0.0.0) ports:

  --env NEO4J_dbms_connector_http_advertised__address=prime-kg.uiuc.chat:443 \
  --env NEO4J_dbms_connector_bolt_advertised__address=prime-kg-bolt.uiuc.chat:443 \
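
An added example, not part of the original thread or of the Neo4j driver: a probe that sends the Bolt handshake to a host and port and reports whether the reply is a Bolt version or an HTTP response, which shows what protocol the public hostname actually carries. The function names, the offered versions (5.4 down to 5.0, plus 4.4) and the 5-second timeout are assumptions of this example.

```python
import socket
import ssl
import struct

BOLT_MAGIC = bytes.fromhex("6060b017")
# Offer Bolt 5.4 (with a range reaching down to 5.0) and 4.4; unused slots are zero.
PROPOSALS = [(5, 4, 4), (4, 4, 0), (0, 0, 0), (0, 0, 0)]  # (major, minor, range)


def build_handshake():
    """Magic preamble plus four 4-byte version slots: 00, range, minor, major."""
    slots = b"".join(struct.pack(">BBBB", 0, rng, minor, major)
                     for major, minor, rng in PROPOSALS)
    return BOLT_MAGIC + slots


def classify_reply(data):
    """Interpret the first bytes sent back after the handshake."""
    if not data:
        return "closed: peer dropped the connection without answering"
    if data.startswith(b"HTTP/"):
        return "http: endpoint answered with HTTP, not Bolt"
    if len(data) < 4:
        return "short: fewer than 4 bytes received"
    _, _, minor, major = struct.unpack(">BBBB", data[:4])
    if major == 0 and minor == 0:
        return "bolt: server speaks Bolt but accepted none of the offered versions"
    return f"bolt: server agreed on Bolt {major}.{minor}"


def probe(host, port, use_tls=True, timeout=5.0):
    """Send the handshake to host:port and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        sock = raw
        if use_tls:
            # Verifies the certificate against the system trust store, like the +s schemes.
            sock = ssl.create_default_context().wrap_socket(raw, server_hostname=host)
        sock.sendall(build_handshake())
        return classify_reply(sock.recv(16))


if __name__ == "__main__":
    # Hostname and port are the ones given in the question.
    print(probe("prime-kg-bolt.uiuc.chat", 443))
```

Running the same probe with `use_tls=False` against the mapped port on the server itself (7688 in the question) gives the reply of the database without the tunnel in between, for comparison.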