Eduroam seemingly blocking Cloudflare proxy?

What is the name of the domain?

whitetxt.dev

What is the issue you’re encountering

PR_END_OF_FILE_ERROR while connecting to my site through Eduroam.

What steps have you taken to resolve the issue?

I’ve been moving over to a new domain for about 3 hours, and couldn’t for the life of me figure out why I kept getting this “PR_END_OF_FILE_ERROR” error with Firefox on both mobile and desktop.
I tried changing my configuration, enabling the old domain I had aswell to get a certificate from Let’s Encrypt, adding different types of certificates, etc.
Eventually I tried turning off my WiFi and using mobile data instead, and it worked perfectly.
I’m not sure what could be the issue at all since Eduroam seems to work on every other website (and I assume at least some will use Cloudflare proxies in their DNS), so I have no idea what I should even start looking at to get this resolve.

Was the site working with SSL prior to adding it to Cloudflare?

Yes

What is the current SSL/TLS setting?

Full (strict)

What are the steps to reproduce the issue?

I’m not sure if anyone else will be able to reproduce this, but I’ve attached a screenshot of curl not liking it with some verbose information so hopefully that will help.

Screenshot of the error

Welcome to the Cloudflare Community. :logodrop:

The IP shown in your screenshot is not a Cloudflare IP. It belongs to OpenDNS. You may want to ask Eduroam about this since your site appears to work from elsewhere.

https://cf.sjr.org.uk/tools/check?30ecbf3cacd743ceac91fa3456e25b92#connection-server-https

2 Likes

Thanks for looking into this, I think it must have just been it was too new and OpenDNS was doing some form of check or something on it, since it works perfectly now.

Thanks for your help!

1 Like

Just to give feedback on this.

If there are no configured DNS servers or if the school is using local DNS for the Microsoft ActiveDirectory, there could be configured Forwarders for custom filtering if not possible at the school router.

If the domain registered lately, possibly if using router like Fortigate with licence and Web filtering, it’ll be Web filtering the cause of such case (looking for the SSL certificate, verifying the connection, etc.). Otherwise, maybe some local DNS cache still on the network if you’ve tried this recently before the domain wasn’t active and proxied :orange: via Cloudflare yet.

If you’re the sysadmin of the school or manage the equipment directly, you could have a better insight what’s going on. Otherwise, ask school ISP for more troubleshooting.

I’ve tested if remotely few moments ago with a wired and wifi device, there is no issue loading your domain while being connected to the Eduroam network (from Croatia :croatia: at least).

However, if I go check curl for your hostname and point to the IP address 146.xxx.xx.xx (not the origin server/host IP?) from the screenshot, there is the error. May I ask have you got SSL certificate installed and valid for your hostname at your origin host/server, or using Cloudflare Origin CA certificate? :thinking:

To renew or generate an Let’s Encrypt on the origin server, you’d have to temporary use the “Pause Cloudflare” option from the CF dashboard. Otherwise, you won’t be able to renew the SSL certificate. (other option is to disable Always Use HTTPS)

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.