V2Ray 一直无法连接，有报错信息

Jianrry

这个问题已经困扰我3天了，一直没有解决，请教一下各位18cm的mjj该如何解决这个问题。

我使用了 docker compose 部署了 V2Ray 的 vmess + tls + ws 方案，容器可以正常运行，却一直无法连接。

下面的是我的配置文件，麻烦帮忙看一下，配置是否出错了。

docker-compose.yml (docker compose 配置文件)

1. version: '3'
   
2. 
   
3. services:
   
4. 
   
5. nginx:
   
6. # 镜像
   
7. image: nginx
   
8. # 容器名
   
9. container_name: nginx
   
10. # 端口
    
11. ports:
    
12. # 80 端口
    
13. - "80:80"
    
14. # 443 端口
    
15. - "443:443"
    
16. # 数据卷
    
17. volumes:
    
18. # Nginx 配置文件夹
    
19. - "./nginx/config:/etc/nginx/conf.d"
    
20. # Nginx 站点的根目录
    
21. - "./nginx/html:/html"
    
22. # Nginx 日志文件夹
    
23. - "./nginx/log:/log"
    
24. # SSL 证书文件夹
    
25. - "./nginx/ssl:/ssl"
    
26. # 在容器退出时，总是重启容器
    
27. restart: always
    
28. 
    
29. v2ray:
    
30. # 镜像
    
31. image: v2ray/official
    
32. # 容器名
    
33. container_name: v2ray
    
34. # 数据卷
    
35. volumes:
    
36. # V2Ray 配置文件
    
37. - ./v2ray/config/config.json:/etc/v2ray/config.json
    
38. # V2Ray 访问日志文件
    
39. - ./v2ray/log/access.log:/var/log/v2ray/access.log
    
40. # V2Ray 错误日志文件
    
41. - ./v2ray/log/error.log:/var/log/v2ray/error.log
    
42. # 在容器退出时，总是重启容器
    
43. restart: always

复制代码

v2ray.conf (Nginx 配置文件)

1. server {
   
2. 
   
3. listen 443 ssl;
   
4. listen [::]:443 ssl;
   
5. 
   
6. ssl_certificate /path/to/cert/file;
   
7. ssl_certificate_key /path/to/cert/file;
   
8. ssl_session_timeout 1d;
   
9. ssl_session_cache shared:MozSSL:10m;
   
10. ssl_session_tickets off;
    
11. 
    
12. ssl_protocols TLSv1.2 TLSv1.3;
    
13. ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
    
14. ssl_prefer_server_ciphers off;
    
15. 
    
16. server_name domain.com;
    
17. 
    
18. # 与 V2Ray 配置中的 path 保持一致
    
19. location /v2ray {
    
20. 
    
21. # WebSocket协商失败时返回404
    
22. if ($http_upgrade != "websocket") {
    
23. return 404;
    
24. }
    
25. 
    
26. proxy_redirect off;
    
27. 
    
28. # 假设WebSocket监听在环回地址的10000端口上
    
29. proxy_pass http://v2ray:1024;
    
30. proxy_http_version 1.1;
    
31. proxy_set_header Upgrade $http_upgrade;
    
32. proxy_set_header Connection "upgrade";
    
33. proxy_set_header Host $host;
    
34. 
    
35. # Show real IP in v2ray access.log
    
36. proxy_set_header X-Real-IP $remote_addr;
    
37. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
38. 
    
39. }
    
40. 
    
41. # 访问日志
    
42. access_log/log/domain.com.log;
    
43. 
    
44. }

复制代码

V2Ray 服务器配置文件

1. 
   
2. {
   
3. "log": {
   
4. "loglevel": "warning",
   
5. "access": "/var/log/v2ray/access.log",
   
6. "error": "/var/log/v2ray/error.log"
   
7. },
   
8. "inbounds": [
   
9. {
   
10. "port": 1024,
    
11. "listen":"127.0.0.1",
    
12. "protocol": "vmess",
    
13. "settings": {
    
14. "clients": [
    
15. {
    
16. "id": "uuid",
    
17. "alterId": 0
    
18. }
    
19. ]
    
20. },
    
21. "streamSettings": {
    
22. "network": "ws",
    
23. "wsSettings": {
    
24. "path": "/v2ray"
    
25. }
    
26. }
    
27. }
    
28. ],
    
29. "outbounds": [
    
30. {
    
31. "protocol": "freedom",
    
32. "settings": {}
    
33. }
    
34. ]
    
35. }

复制代码

V2Ray 客户端配置文件

1. 
   
2. 
   
3. // 通过 V2RayN 导出为客户端配置文件
   
4. {
   
5. "policy": {
   
6. "system": {
   
7. "statsOutboundUplink": true,
   
8. "statsOutboundDownlink": true
   
9. }
   
10. },
    
11. "log": {
    
12. "access": "",
    
13. "error": "",
    
14. "loglevel": "warning"
    
15. },
    
16. "inbounds": [
    
17. {
    
18. "tag": "socks",
    
19. "port": 10808,
    
20. "listen": "127.0.0.1",
    
21. "protocol": "socks",
    
22. "sniffing": {
    
23. "enabled": true,
    
24. "destOverride": [
    
25. "http",
    
26. "tls"
    
27. ]
    
28. },
    
29. "settings": {
    
30. "auth": "noauth",
    
31. "udp": true,
    
32. "allowTransparent": false
    
33. }
    
34. },
    
35. {
    
36. "tag": "http",
    
37. "port": 10809,
    
38. "listen": "127.0.0.1",
    
39. "protocol": "http",
    
40. "sniffing": {
    
41. "enabled": true,
    
42. "destOverride": [
    
43. "http",
    
44. "tls"
    
45. ]
    
46. },
    
47. "settings": {
    
48. "udp": false,
    
49. "allowTransparent": false
    
50. }
    
51. },
    
52. {
    
53. "tag": "api",
    
54. "port": 59712,
    
55. "listen": "127.0.0.1",
    
56. "protocol": "dokodemo-door",
    
57. "settings": {
    
58. "udp": false,
    
59. "address": "127.0.0.1",
    
60. "allowTransparent": false
    
61. }
    
62. }
    
63. ],
    
64. "outbounds": [
    
65. {
    
66. "tag": "proxy",
    
67. "protocol": "vmess",
    
68. "settings": {
    
69. "vnext": [
    
70. {
    
71. "address": "domain.com",
    
72. "port": 443,
    
73. "users": [
    
74. {
    
75. "id": "uuid",
    
76. "alterId": 0,
    
77. "email": "t@t.tt",
    
78. "security": "auto"
    
79. }
    
80. ]
    
81. }
    
82. ]
    
83. },
    
84. "streamSettings": {
    
85. "network": "ws",
    
86. "security": "tls",
    
87. "tlsSettings": {
    
88. "allowInsecure": true,
    
89. "serverName": "domain.com"
    
90. },
    
91. "wsSettings": {
    
92. "path": "/v2ray",
    
93. "headers": {
    
94. "Host": "domain.com"
    
95. }
    
96. }
    
97. },
    
98. "mux": {
    
99. "enabled": false,
    
100. "concurrency": -1
     
101. }
     
102. },
     
103. {
     
104. "tag": "direct",
     
105. "protocol": "freedom",
     
106. "settings": {}
     
107. },
     
108. {
     
109. "tag": "block",
     
110. "protocol": "blackhole",
     
111. "settings": {
     
112. "response": {
     
113. "type": "http"
     
114. }
     
115. }
     
116. }
     
117. ],
     
118. "stats": {},
     
119. "api": {
     
120. "tag": "api",
     
121. "services": [
     
122. "StatsService"
     
123. ]
     
124. },
     
125. "routing": {
     
126. "domainStrategy": "IPIfNonMatch",
     
127. "domainMatcher": "linear",
     
128. "rules": [
     
129. {
     
130. "type": "field",
     
131. "inboundTag": [
     
132. "api"
     
133. ],
     
134. "outboundTag": "api",
     
135. "enabled": true
     
136. },
     
137. {
     
138. "type": "field",
     
139. "port": "0-65535",
     
140. "outboundTag": "proxy",
     
141. "enabled": true
     
142. }
     
143. ]
     
144. }
     
145. }

复制代码

domain.com.log (Nginx 日志文件)

1. 162.142.125.210 - - [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "-"
   
2. 162.142.125.210 - - [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
   
3. 172.70.210.164 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
4. 172.70.210.164 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
5. 172.69.33.240 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   

复制代码

V2Ray 服务端日志文件

1. 
   
2. 
   
3. 2022/07/19 09:57:02 [Warning] v2ray.com/core: V2Ray 4.22.1 started

复制代码

V2Ray 客户端日志文件

1. // 在这里附上客户端日志
   
2. 
   
3. 配置成功
   
4. [Vmess] V2Ray(v2ray***com:443)
   
5. 启动服务(2022/7/19 18:35:25)...
   
6. V2Ray 4.42.2 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.1 windows/386)
   
7. A unified platform for anti-**ship.
   
8. 2022/07/19 18:35:25 [Info] main/jsonem: Reading config: D:\Software\v2rayN-Core\config.json
   
9. 2022/07/19 18:35:25 [Warning] V2Ray 4.42.2 started
   
10. 2022/07/19 18:35:25 127.0.0.1:61280 accepted //mtalk.google.com:5228 [proxy]
    
11. 2022/07/19 18:35:25 127.0.0.1:61281 accepted //bl3301.storage.live.com:443 [proxy]
    
12. 2022/07/19 18:35:26 127.0.0.1:61286 accepted tcp:127.0.0.1:0 [api]
    
13. 2022/07/19 18:35:30 127.0.0.1:61292 accepted //www.google.com:443 [proxy]
    
14. 2022/07/19 18:35:30 127.0.0.1:61294 accepted //alive.github.com:443 [proxy]
    
15. 2022/07/19 18:35:35 127.0.0.1:61308 accepted //alive.github.com:443 [proxy]
    
16. 2022/07/19 18:35:36 [Warning] [2092548641] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/v2ray): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
    
17. 2022/07/19 18:35:36 127.0.0.1:61311 accepted //mtalk.google.com:5228 [proxy]
    
18. 2022/07/19 18:35:39 [Warning] [2069622245] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/v2ray): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
    
19. 2022/07/19 18:35:39 127.0.0.1:61321 accepted //alive.github.com:443 [proxy]
    
20. 2022/07/19 18:35:40 [Warning] [2041129081] app/proxyman/outbound: failed to process outbound traffic > proxy/vmess/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://domain.com/v2ray): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
    
21. 2022/07/19 18:35:40 127.0.0.1:61326 accepted //www.google.com:443 [proxy]
    

复制代码

Jianrry

huaxing0211 发表于 2022-7-20 11:37
"listen":"127.0.0.1",
docker里用0.0.0.0，或是删除，默认

非常感谢大佬的回复，问题就是出在这里。

刚才按照大佬的回复，修改完配置文件之后。

v2ray 多出了访问日志 access.log，之前的 access.log 的内容一直为空，现在 nginx 已经转发到 v2ray 了。

又出现了新的问题，还没有解决，大佬能再帮忙看一下吗？

v2ray 访问日志 access.log

1. 2022/07/20 04:34:18 [2409:8a55:4e97:3e20:5cb2:69ba:f042:cf3f]:58494 rejectedv2ray.com/core/proxy/vmess/encoding: invalid user
   
2. 2022/07/20 04:34:18 [2409:8a55:4e97:3e20:5cb2:69ba:f042:cf3f]:58492 rejectedv2ray.com/core/proxy/vmess/encoding: failed to read request header > websocket: close 1000 (normal)

复制代码

网上的回复说与时间有关，需要校对时间。

我已经尝试过了修改服务器的时区为上海时区，通过 ntpdate -u time.windows.com 校对时间，误差不超过1s ，本地电脑的时间也校对过了。

重新检查了一下 v2ray 的配置文件，但是还没有发现问题。

麻烦路过的各位大佬，多多指点一下。

摩卡

看下nginx的日志 有没有转发到v2容器
另外我看v2容器没有配置端口号 你配置下端口映射规则试试？

toot

用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-v2ray/

汤家凤

别的不说，先校时，保证二者相差不超过90s

CC大魔王

domain.com 是本来就是这样写的，还是你打码了的

Jianrry

摩卡 发表于 2022-7-20 10:52
看下nginx的日志 有没有转发到v2容器
另外我看v2容器没有配置端口号 你配置下端口映射规则试试？ ...

我不知道如何判断是否转发，麻烦大佬帮我看一下，下面是 nginx 的日志文件。

1. [code]162.142.125.210 - - [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "-"
   
2. 162.142.125.210 - - [19/Jul/2022:10:00:00 +0000] "GET / HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)"
   
3. 172.70.210.164 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
4. 172.70.210.164 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
5. 172.69.33.240 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
6. 172.69.33.240 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
7. 172.68.254.38 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
8. 172.69.33.240 - - [19/Jul/2022:10:00:06 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
9. 172.68.254.38 - - [19/Jul/2022:10:00:07 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
   
10. 172.70.214.84 - - [19/Jul/2022:10:00:07 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
    
11. 172.69.33.240 - - [19/Jul/2022:10:00:07 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"
    
12. 172.69.33.240 - - [19/Jul/2022:10:00:07 +0000] "GET /v2ray HTTP/1.1" 502 157 "-" "Go-http-client/1.1"

复制代码

另外我看v2容器没有配置端口号 你配置下端口映射规则试试？

v2 容器用的是 1024 端口，通过 nginx 反向代理转发到 443 端口，443 端口映射为本机的 443 端口，这个已经配置了。

V2Ray 服务器配置文件

1. 
   
2. ...
   
3. "inbounds": [
   
4. {
   
5. "port": 1024,
   
6. ...
   

复制代码

v2ray.conf (Nginx 配置文件)

1. ...
   
2. # 假设WebSocket监听在环回地址的10000端口上
   
3. proxy_pass http://v2ray:1024;
   
4. ...

复制代码

docker-compose.yml (docker compose 配置文件)

1. ...
   
2. # 端口
   
3. ports:
   
4. # 80 端口
   
5. - "80:80"
   
6. # 443 端口
   
7. - "443:443"
   
8. ...

复制代码

Jianrry

toot 发表于 2022-7-20 10:52
用aapanrl面板吧。方便管理https://daima.eu.org/post/bt-v2ray/

不习惯用面板，习惯用 docker 一把梭了。。。

Jianrry

汤家凤 发表于 2022-7-20 11:01
别的不说，先校时，保证二者相差不超过90s

已经修改时区 和 校时 了，服务器时间和本机时间相差不到1min.

一颗赛艇

nginx 报错502 说明连接不到后端

再看你的docker compose文件，两个容器之间没有定义关联网络，两个容器网络是不通的

要么用link关联 要么定义一个网络两个容器加入

参考 https://docs.docker.com/compose/networking/