Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home Help
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

SSL Errors when Accessing Cloudflare Sites through Wireguard VPN

stonovenstonoven Member
in Help

I'm running Pi-hole, PiVPN, and Unbound on an ARM Compute Instance from Oracle Cloud. My client is a Windows machine behind CGNAT. When connected to PiVPN, I'm experiencing issues accessing websites that are hosted behind Cloudflare (e.g., ChatGPT, Claude AI, Pluralsight). On Chromium-based browsers, these websites return either ERR_SSL_PROTOCOL_ERROR or ERR_QUIC_PROTOCOL_ERROR. On Firefox and its forks, the same websites return SSL_ERROR_RX_MALFORMED_SERVER_HELLO.

In my attempt to diagnose the root cause of this issue, I uninstalled Pi-hole, PiVPN, and Unbound completely. Then I used wireguard-install to create a Wireguard server. After connecting to the server, I tried to access those websites, but they all returned the same error. I am at a loss as to what to do next. Since I don't have much knowledge in diagnosing SSL errors or network-related issues, any guidance would be greatly appreciated.

Debug logs

  1. Pi-hole: https://pb.envs.net/?384e07e675146a58#buZLxqVM92m7w8N84ZWUg24KLEKV1iqamLgEvGHCygC
  2. PiVPN: https://pb.envs.net/?219e94fb105f6001#5DroCbEBa95BQhLxKXcg4beGggLkHCRGBcemfF94Twm3
  3. Unbound Configuration: https://pb.envs.net/?ad43cd3d1a71d285#JBqkVydBiyixNB4RXQJBfn8KBjBCP1XXBwAWhhaynCCN

Comments

  • kedihackerkedihacker Member

    Can you access non AI focused websites like Cloudflare homepage and Cloudflare blog website? Maybe oracle blocks AI websites.

  • stonovenstonoven Member

    @kedihacker said:
    Can you access non AI focused websites like Cloudflare homepage and Cloudflare blog website? Maybe oracle blocks AI websites.

    Nope

  • stonovenstonoven Member

    I forgot to mention that I already tried adjusting the MTU value from 1420 down to 1280, but it didn't resolve the issue. When I attempted to go lower, the WireGuard app for Windows displayed the following error: Unable to configure adapter network settings.

  • egororegoror Member

    UDP 443 allowed on firewall?

  • stonovenstonoven Member

    @egoror said:
    UDP 443 allowed on firewall?

    Yep

    Firewall rules:

    1. IPv4: https://pb.envs.net/?cb8577972dba2979#y3m5J8aFrWubgoXjhcCuhjAa9W9pzpm4DWZuySAugbS
    2. IPv6: https://pb.envs.net/?397a1d512f84976e#3ScAxK7mztp46w73ABr5Le4xsSM7Vwvky9ZPyeGX2nfB
  • GulfGulf Member
    edited November 2024

    I saw the same error from user reports.

    do you have an anti-virus installed?
    also, maybe providers tries to block vpn

  • stonovenstonoven Member

    @Gulf said:
    I saw the same error from user reports.

    do you have an anti-virus installed?
    also, maybe providers tries to block vpn

    Nope, I'm not using any anti-virus suite and when I tried Cloudflare WARP tunnel via the WireGuard client (generated using wgcf), the websites loaded normally.

  • mwtmwt Member

    Maybe it's because wireguard usually changes your DNS? You could try removing that from the config.

    Do non-CF websites like google.com work fine with https?

  • stonovenstonoven Member

    It looks like the problem wasn't related to WireGuard or Oracle's network. It was caused by GoodbyeDPI running on my Windows machine.

    Thanked by 1JasonM
  • JasonMJasonM Member

    @stonoven said: It was caused by GoodbyeDPI running on my Windows machine.

    could you pls tell how to disable/fix that goodbyedpi. I'm also getting same error while browsing few sites.

  • stonovenstonoven Member

    @JasonM said:

    @stonoven said: It was caused by GoodbyeDPI running on my Windows machine.

    could you pls tell how to disable/fix that goodbyedpi. I'm also getting same error while browsing few sites.

    There should be a service_remove.cmd script inside the GoodbyeDPI folder.

    Thanked by 1JasonM
Sign In or Register to comment.