Client met Error 522

user2622 · 2019-01-02 05:01:34 UTC

Hi everyone,
Many client met error 522

I added ip to whitelisted but not working. Please help me!

sandro · 2019-01-03 09:15:38 UTC

user2622 · 2019-01-11 06:58:17 UTC

Thanks Sandro
Data output of https://hris.ipeoplex.com/cdn-cgi/trace:

Well client:
fl=23f95
h=hris.ipeoplex.com
ip=14.177.72.224
ts=1547126278.587
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HKG
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Failed client:
fl=177f18
h=hris.ipeoplex.com
ip=1.55.226.85
ts=1547127086.451
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HAN
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Tks.

user2622 · 2019-01-11 06:59:41 UTC

Hi CloudFlare Support Team,

We are currently using CloudFlare’s SSL service for domain ipeoplex.com
When connecting to the my web site https://hris.ipeoplex.com , we have the following problems:

The clients using internet service of Viettel or VNPT run well.
The clients using internet service of FPT cannot running, the browser reports “Error 522”. We have tested on this clients, them can still access CloudFare’s website.

Tracert data on the client has errors at the bottom.

Look forward to your support.
Thank you very much.

C:>Tracert hris.ipeoplex.com
Tracing route to hris.ipeoplex.com [104.27.148.240]
over a maximum of 30 hops:
1 25 ms 1 ms 1 ms 118.70.244.17
2 1 ms 1 ms 1 ms 118.71.250.5
3 * * * Request timed out.
4 2 ms 2 ms 2 ms 10.245.35.252
5 2 ms 1 ms 2 ms 42.112.2.158
6 2 ms 1 ms 3 ms 10.245.32.235
7 27 ms 21 ms 22 ms 118.69.132.132
8 22 ms 23 ms 25 ms 118.69.252.173
9 23 ms 23 ms 23 ms 118.69.221.210
10 22 ms 21 ms 21 ms 104.27.148.240
Trace complete.

C:\Users\VanHuong>tracert hris.ipeoplex.com
Tracing route to hris.ipeoplex.com [104.27.148.240]
over a maximum of 30 hops:
1 1 ms 1 ms <1 ms 192.168.1.1
2 3 ms 3 ms 5 ms 113.22.4.121
3 81 ms 8 ms 3 ms 42.112.4.26
4 5 ms 5 ms 5 ms 1.55.152.22
5 2 ms 3 ms 3 ms 104.27.148.240
Trace complete.

sandro · 2019-01-11 07:01:11 UTC

I’d check on your server if you possibly have any firewall rules in place which could prevent Cloudflare from connecting from certain PoPs.

Also, can you post the output of https://hris.ipeoplex.com/cdn-cgi/trace for both connections?

user2622 · 2019-01-11 07:21:05 UTC

Thanks Sandro
Data output of https://hris.ipeoplex.com/cdn-cgi/trace:

Well client:
fl=23f95
h=hris.ipeoplex.com
ip=14.177.72.224
ts=1547126278.587
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HKG
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Failed client:
fl=177f18
h=hris.ipeoplex.com
ip=1.55.226.85
ts=1547127086.451
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HAN
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

sandro · 2019-01-11 07:33:07 UTC

It appears as if the Vietnamese PoP (HAN) cant reach your site whereas the Hongkonger PoP (HKG) can.

Did you check your server firewall if you have any rules in place which could prevent that connection?

user2622 · 2019-01-11 07:44:30 UTC

Tks,
I have turn off Windows Firewall in my server, but everything not change,

sandro · 2019-01-11 07:54:00 UTC

That website is on a Windows server?

user2622 · 2019-01-11 07:58:05 UTC

Yes. It’s deployment in IIS8 (Windows Server 2012 R2)

sandro · 2019-01-11 08:07:03 UTC

Could it be there is anything in the webserver configuration blocking these requests or maybe another firewall outside the machine on the network?

user2622 · 2019-01-11 08:21:54 UTC

Tks Sandro,

i has make requirement to check ip of cloudflare in black list, but them response it’s not in black list.

sandro · 2019-01-11 08:49:55 UTC

Neither webserver nor firewall?

user2622 · 2019-01-11 08:57:22 UTC

Yes. And you can check when see the development tools of google chrome ?

sandro · 2019-01-11 08:59:07 UTC

The developers tools are unrelated to this issue. If you can rule out that anything is blocking the access your only option is to contact support -> https://support.cloudflare.com/requests/new

user2622 · 2019-01-11 09:00:31 UTC

Thanks for your supported.

user2622 · 2019-01-11 14:11:00 UTC

Dear CloudFlare support team,

My website using CloudFlare SSL service.
Domain: ipeoplex.com
My server location in Hanoi / VietNam.

Now all client using FPT Internet service when connect to website ipeoplex.com has Error 522 (Connection timeout) all case using http and https protocols.
I login CloudFlare and change DNS from [DNS and HTTP proxy] to [DNS only] then this client can connect to mysite using http protocol.
I think transmision has problem between CloundFlare Hanoi and FPT Internet Service provider.
Please help me fix it.

Thanks for your support

cloonan · 2019-01-11 18:40:54 UTC

Hi @user2622, just want to add a note, the Community is made of up cloudflare users helping other cloudflare users, to reach Cloudflare Customer Support, you’d login to Cloudflare and then contact Cloudflare Support. You can pretty much file a ticket from the bottom of every knowledge base article.

In a lot of cases, the community or the archives on the community will enable you to solve any issues. Some issues like account settings, unsupported/future features, or how we route traffic need to be taken up with support. In this case, as @sandro commented, you’ll need to open a ticket with support. Please post back with the ticket number as I’d like to keep an eye on it.

user2622 · 2019-01-13 11:34:39 UTC

Thank for your suppoted

system · 2019-02-01 04:24:54 UTC

This topic was automatically closed after 30 days. New replies are no longer allowed.