SNI阻断 #1301
Comments
|
Can you share when you noticed your SNI getting blocked? |
|
I configured everything and it worked fine at first, but after a few days I found that I couldn't use it to surf the Internet. I checked the logs and found some errors, which seemed to be error logs of TLS handshake failure. I tried to use curl to test my domain name + port, and I got a connection reset error. I used telnet to test it again, and it seemed that the port was accessible. I used a series of tools such as ping and nslookup and found that everything was normal. |
|
Can you try sending some random data a few seconds before you make the connection to your server. Something like: Make sure you use the same source port (65535) when you connect to your server after this. |
|
OK, let me try it, but I think it can communicate normally through the IP+port method. If you use the domain name, it cannot be accessed. Isn’t this the feature of SNI blocking? |
|
Try it out and see if it works. |
|
It seems that I don't see any changes. Suppose the port of my server is 5000. I try to listen to this port. The client sends a data packet to the server, but I don't detect any data! |
最近我发现了一个问题,当我使用我的域名解析到某台服务器上的时候,当然它他不属于中国,并且我配合Hysteria使用会出现TLS握手失败,我很确定证书是没问题的,我怀疑是中国对SNI进行了阻拦,这并不是没有发生过。
但是我不知道该怎么解决,因为让我感到诡异的是,我的其他设备是正常的,比如abc.com这个域名我创建了两个三级域名,1.abc.com和2.abc.com,它们其中一个是工作的,这让我感到不解。
我该怎么解决这个该死的问题?
The text was updated successfully, but these errors were encountered: