Client met Error 522

firewall

#1

Hi everyone,
Many client met error 522


I added ip to whitelisted but not working. Please help me!


Error 522 when client using FPT Internet service
#2

#3

Thanks Sandro
Data output of https://hris.ipeoplex.com/cdn-cgi/trace:

Well client:
fl=23f95
h=hris.ipeoplex.com
ip=14.177.72.224
ts=1547126278.587
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HKG
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Failed client:
fl=177f18
h=hris.ipeoplex.com
ip=1.55.226.85
ts=1547127086.451
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HAN
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Tks.


#4

Hi CloudFlare Support Team,

We are currently using CloudFlare’s SSL service for domain ipeoplex.com
When connecting to the my web site https://hris.ipeoplex.com , we have the following problems:

  • The clients using internet service of Viettel or VNPT run well.
  • The clients using internet service of FPT cannot running, the browser reports “Error 522”. We have tested on this clients, them can still access CloudFare’s website.

Tracert data on the client has errors at the bottom.

Look forward to your support.
Thank you very much.

C:>Tracert hris.ipeoplex.com
Tracing route to hris.ipeoplex.com [104.27.148.240]
over a maximum of 30 hops:
1 25 ms 1 ms 1 ms 118.70.244.17
2 1 ms 1 ms 1 ms 118.71.250.5
3 * * * Request timed out.
4 2 ms 2 ms 2 ms 10.245.35.252
5 2 ms 1 ms 2 ms 42.112.2.158
6 2 ms 1 ms 3 ms 10.245.32.235
7 27 ms 21 ms 22 ms 118.69.132.132
8 22 ms 23 ms 25 ms 118.69.252.173
9 23 ms 23 ms 23 ms 118.69.221.210
10 22 ms 21 ms 21 ms 104.27.148.240
Trace complete.

C:\Users\VanHuong>tracert hris.ipeoplex.com
Tracing route to hris.ipeoplex.com [104.27.148.240]
over a maximum of 30 hops:
1 1 ms 1 ms <1 ms 192.168.1.1
2 3 ms 3 ms 5 ms 113.22.4.121
3 81 ms 8 ms 3 ms 42.112.4.26
4 5 ms 5 ms 5 ms 1.55.152.22
5 2 ms 3 ms 3 ms 104.27.148.240
Trace complete.


#5

I’d check on your server if you possibly have any firewall rules in place which could prevent Cloudflare from connecting from certain PoPs.

Also, can you post the output of https://hris.ipeoplex.com/cdn-cgi/trace for both connections?


Error 522 with some internet service providers
#6

Thanks Sandro
Data output of https://hris.ipeoplex.com/cdn-cgi/trace:

Well client:
fl=23f95
h=hris.ipeoplex.com
ip=14.177.72.224
ts=1547126278.587
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HKG
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext

Failed client:
fl=177f18
h=hris.ipeoplex.com
ip=1.55.226.85
ts=1547127086.451
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=HAN
http=h2
loc=VN
tls=TLSv1.3
sni=plaintext


#7

It appears as if the Vietnamese PoP (HAN) cant reach your site whereas the Hongkonger PoP (HKG) can.

Did you check your server firewall if you have any rules in place which could prevent that connection?


#8

Tks,
I have turn off Windows Firewall in my server, but everything not change,


#9

That website is on a Windows server?


#10

Yes. It’s deployment in IIS8 (Windows Server 2012 R2)


#11

Could it be there is anything in the webserver configuration blocking these requests or maybe another firewall outside the machine on the network?


#12

Tks Sandro,

i has make requirement to check ip of cloudflare in black list, but them response it’s not in black list.


#13

Neither webserver nor firewall?


#14

Yes. And you can check when see the development tools of google chrome ?


#15

The developers tools are unrelated to this issue. If you can rule out that anything is blocking the access your only option is to contact support -> https://support.cloudflare.com/requests/new


#16

Thanks for your supported.


#17

Dear CloudFlare support team,

My website using CloudFlare SSL service.
Domain: ipeoplex.com
My server location in Hanoi / VietNam.

Now all client using FPT Internet service when connect to website ipeoplex.com has Error 522 (Connection timeout) all case using http and https protocols.
I login CloudFlare and change DNS from [DNS and HTTP proxy] to [DNS only] then this client can connect to mysite using http protocol.
I think transmision has problem between CloundFlare Hanoi and FPT Internet Service provider.
Please help me fix it.

Thanks for your support

p1
p2
p3


#18

Hi @user2622, just want to add a note, the Community is made of up cloudflare users helping other cloudflare users, to reach Cloudflare Customer Support, you’d login to Cloudflare and then contact Cloudflare Support. You can pretty much file a ticket from the bottom of every knowledge base article.

In a lot of cases, the community or the archives on the community will enable you to solve any issues. Some issues like account settings, unsupported/future features, or how we route traffic need to be taken up with support. In this case, as @sandro commented, you’ll need to open a ticket with support. Please post back with the ticket number as I’d like to keep an eye on it.


#19

Thank for your suppoted


closed #20

This topic was automatically closed after 30 days. New replies are no longer allowed.