[疑问] V2Ray 一直无法连接，有报错信息

moe

2年前

这个问题已经困扰我3天了，一直没有解决，请教一下各位18cm的mjj该如何解决这个问题。

我使用了 docker compose 部署了 V2Ray 的 vmess + tls + ws 方案，容器可以正常运行，却一直无法连接。

下面的是我的配置文件，麻烦帮忙看一下，配置是否出错了。

docker-compose.yml (docker compose 配置文件)

version: ‘3’
services:
nginx:
# 镜像
image: nginx
# 容器名
container_name: nginx
# 端口
ports:
# 80 端口
– "80:80"
# 443 端口
– "443:443"
# 数据卷
volumes:
# Nginx 配置文件夹
– "./nginx/config:/etc/nginx/conf.d"
# Nginx 站点的根目录
– "./nginx/html:/html"
# Nginx 日志文件夹
– "./nginx/log:/log"
# SSL 证书文件夹
– "./nginx/ssl:/ssl"
# 在容器退出时，总是重启容器
restart: always
“v-2-r-a-y”:
# 镜像
image: “v-2-r-a-y”/official
# 容器名
container_name: “v-2-r-a-y”
# 数据卷
volumes:
# V2Ray 配置文件
– ./“v-2-r-a-y”/config/config.json:/etc/“v-2-r-a-y”/config.json
# V2Ray 访问日志文件
– ./“v-2-r-a-y”/log/access.log:/var/log/“v-2-r-a-y”/access.log
# V2Ray 错误日志文件
– ./“v-2-r-a-y”/log/error.log:/var/log/“v-2-r-a-y”/error.log
# 在容器退出时，总是重启容器
restart: always

复制代码

“v-2-r-a-y”.conf (Nginx 配置文件)

server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_certificate /path/to/cert/file;
ssl_certificate_key /path/to/cert/file;
ssl_session_timeout 1d;
ssl_session_cache shared:MozSSL:10m;
ssl_session_tickets off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
server_name domain.com;
# 与 V2Ray 配置中的 path 保持一致
location /“v-2-r-a-y” {
# WebSocket协商失败时返回404
if ($http_upgrade != "websocket") {
return 404;
}
proxy_redirect off;
# 假设WebSocket监听在环回地址的10000端口上
proxy_pass http://“v-2-r-a-y”:1024;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# Show real IP in “v-2-r-a-y” access.log
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# 访问日志
access_log /log/domain.com.log;
}

复制代码

V2Ray 服务器配置文件

{
"log": {
"loglevel": "warning",
"access": "/var/log/“v-2-r-a-y”/access.log",
"error": "/var/log/“v-2-r-a-y”/error.log"
},
"inbounds": [
{
"port": 1024,
"listen":"127.0.0.1",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "uuid",
"alterId": 0
}
]
},
"streamSettings": {
"network": "ws",
"wsSettings": {
"path": "/“v-2-r-a-y”"
}
}
}
],
"outbounds": [
{
"protocol": "freedom",
"settings": {}
}
]
}

复制代码

V2Ray 客户端配置文件

// 通过 V2RayN 导出为客户端配置文件
{
"policy": {
"system": {
"statsOutboundUplink": true,
"statsOutboundDownlink": true
}
},
"log": {
"access": "",
"error": "",
"loglevel": "warning"
},
"inbounds": [
{
"tag": "socks",
"port": 10808,
"listen": "127.0.0.1",
"protocol": "socks",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"auth": "noauth",
"udp": true,
"allowTransparent": false
}
},
{
"tag": "http",
"port": 10809,
"listen": "127.0.0.1",
"protocol": "http",
"sniffing": {
"enabled": true,
"destOverride": [
"http",
"tls"
]
},
"settings": {
"udp": false,
"allowTransparent": false
}
},
{
"tag": "api",
"port": 59712,
"listen": "127.0.0.1",
"protocol": "dokodemo-door",
"settings": {
"udp": false,
"address": "127.0.0.1",
"allowTransparent": false
}
}
],
"outbounds": [
{
"tag": "proxy",
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "domain.com",
"port": 443,
"users": [
{
"id": "uuid",
"alterId": 0,
"email": "[email protected]",
"security": "auto"
}
]
}
]
},
"streamSettings": {
"network": "ws",
"security": "tls",
"tlsSettings": {
"allowInsecure": true,
"serverName": "domain.com"
},
"wsSettings": {
"path": "/“v-2-r-a-y”",
"headers": {
"Host": "domain.com"
}
}
},
"mux": {
"enabled": false,
"concurrency": -1
}
},
{
"tag": "direct",
"protocol": "freedom",
"settings": {}
},
{
"tag": "block",
"protocol": "blackhole",
"settings": {
"response": {
"type": "http"
}
}
}
],
"stats": {},
"api": {
"tag": "api",
"services": [
"StatsService"
]
},
"routing": {
"domainStrategy": "IPIfNonMatch",
"domainMatcher": "linear",
"rules": [
{
"type": "field",
"inboundTag": [
"api"
],
"outboundTag": "api",
"enabled": true
},
{
"type": "field",
"port": "0-65535",
"outboundTag": "proxy",
"enabled": true
}
]
}
}

复制代码

domain.com.log (Nginx 日志文件)

162.142.125.210 – – [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "-"
162.142.125.210 – – [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
172.70.210.164 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.210.164 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"

复制代码

V2Ray 服务端日志文件

2022/07/19 09:57:02 [Warning] “v-2-r-a-y”.com/core: V2Ray 4.22.1 started

复制代码

V2Ray 客户端日志文件

// 在这里附上客户端日志
配置成功
[Vmess] V2Ray(“v-2-r-a-y”***com:443)
启动服务(2022/7/19 18:35:25)…
V2Ray 4.42.2 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.1 windows/386)
A unified platform for anti-**ship.
2022/07/19 18:35:25 [Info] main/jsonem: Reading config: D:Software“v-2-r-a-y”N-Coreconfig.json
2022/07/19 18:35:25 [Warning] V2Ray 4.42.2 started
2022/07/19 18:35:25 127.0.0.1:61280 accepted //mtalk.google.com:5228 [proxy]
2022/07/19 18:35:25 127.0.0.1:61281 accepted //bl3301.storage.live.com:443 [proxy]
2022/07/19 18:35:26 127.0.0.1:61286 accepted tcp:127.0.0.1:0 [api]
2022/07/19 18:35:30 127.0.0.1:61292 accepted //www.google.com:443 [proxy]
2022/07/19 18:35:30 127.0.0.1:61294 accepted //alive.github.com:443 [proxy]
2022/07/19 18:35:35 127.0.0.1:61308 accepted //alive.github.com:443 [proxy]
2022/07/19 18:35:36 [Warning] [2092548641] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/“v-2-r-a-y”): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
2022/07/19 18:35:36 127.0.0.1:61311 accepted //mtalk.google.com:5228 [proxy]
2022/07/19 18:35:39 [Warning] [2069622245] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/“v-2-r-a-y”): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
2022/07/19 18:35:39 127.0.0.1:61321 accepted //alive.github.com:443 [proxy]
2022/07/19 18:35:40 [Warning] [2041129081] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/“v-2-r-a-y”): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
2022/07/19 18:35:40 127.0.0.1:61326 accepted //www.google.com:443 [proxy]

复制代码

本帖最后由摩卡于 2022-7-20 10:56 编辑

看下nginx的日志有没有转发到v2容器
另外我看v2容器没有配置端口号你配置下端口映射规则试试？

用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-“v-2-r-a-y”/

别的不说，先校时，保证二者相差不超过90s

domain.com 是本来就是这样写的，还是你打码了的

本帖最后由 Jianrry 于 2022-7-20 11:11 编辑

摩卡发表于 2022-7-20 10:52
看下nginx的日志有没有转发到v2容器
另外我看v2容器没有配置端口号你配置下端口映射规则试试？ …

我不知道如何判断是否转发，麻烦大佬帮我看一下，下面是 nginx 的日志文件。

[code]162.142.125.210 – – [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "-"
162.142.125.210 – – [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
172.70.210.164 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.210.164 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.68.254.38 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:06 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.68.254.38 – – [19/Jul/2022:10:00:07 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.70.214.84 – – [19/Jul/2022:10:00:07 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:07 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
172.69.33.240 – – [19/Jul/2022:10:00:07 +0000] "GET /“v-2-r-a-y” HTTP/1.1" 502 157 "-" "Go-http-client/1.1"

复制代码

另外我看v2容器没有配置端口号你配置下端口映射规则试试？

v2 容器用的是 1024 端口，通过 nginx 反向代理转发到 443 端口，443 端口映射为本机的 443 端口，这个已经配置了。

V2Ray 服务器配置文件

…
"inbounds": [
{
"port": 1024,
…

复制代码

“v-2-r-a-y”.conf (Nginx 配置文件)

…
# 假设WebSocket监听在环回地址的10000端口上
proxy_pass http://“v-2-r-a-y”:1024;
…

复制代码

docker-compose.yml (docker compose 配置文件)

…
# 端口
ports:
# 80 端口
– "80:80"
# 443 端口
– "443:443"
…

复制代码

toot 发表于 2022-7-20 10:52
用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-“v-2-r-a-y”/

不习惯用面板，习惯用 docker 一把梭了。。。

汤家凤发表于 2022-7-20 11:01
别的不说，先校时，保证二者相差不超过90s

已经修改时区和校时了，服务器时间和本机时间相差不到1min.

nginx 报错502 说明连接不到后端

再看你的docker compose文件，两个容器之间没有定义关联网络，两个容器网络是不通的

要么用link关联要么定义一个网络两个容器加入

参考 https://docs.docker.com/compose/networking/

CC大魔王发表于 2022-7-20 11:04
domain.com 是本来就是这样写的，还是你打码了的

打了码，将我的域名修改为了 domain.com ，为了防止别人恶意攻击。