Forward Proxy with Caddy V2 does not function, a bug or wrong Caddyfile?

1. Caddy version (caddy version):

v2.2.3 h1:xxMaF/Nb3B5VhXkQREvjGUdfDgseMmc5IyhUktYO7gM=
caddy v2 with forward proxy plugin branch caddy2 9fe1292 (not official yet)

2. How I run Caddy:

caddy start OR sudo systemctl start caddy

a. System environment:

Ubuntu server 20.04 on AWS and Google Cloud

b. Command:

caddy start OR sudo systemctl start caddy

c. Service/unit/compose file:

d. My complete Caddyfile or JSON config:

```
:443, hkgcp.geoml.top
route {
        forward_proxy {
                basic_auth user1 passwd
                ports 80 443
                hide_ip
                hide_via
                probe_resistance caddyserver.com
        }

        @NoAccess {
                not path /secret/ /baobei/*
        }

        file_server @NoAccess browse {
                root /var/www/html/opendocs
        }
}
```

3. The problem I’m having:

www.google.com is blocked in China mainland. I would like to reach www.google.com by using forward proxy. I tried many times, but caddy 2+forward proxy (branch caddy2) did not work. File_server works as expected.

However, I successfully loaded www.google.com with Caddy v1 + forward proxy in Google Chrome, but failed with Firefox.

4. Error messages and/or full log output:

Caddy shows no error on the command line.
The xcaddy compile shows no error information.

Google Chrome to load www.google.com:
This site can’t be reached
The webpage at https://www.google.com.hk/ might be temporarily down or it may have moved permanently to a new web address.
ERR_TUNNEL_CONNECTION_FAILED

5. What I already tried:

Compiled a few times with xcaddy, and did a few installations on AWS and Google Cloud, on Ubuntu and Debian.
Read the docs about the Caddyfile and tried to configure the correct Caddyfile.
Ran Caddy with caddy start and sudo systemctl start caddy.
Caddy v2 + forward proxy (branch caddy2) did not work.

Tried Caddy v1 + forward proxy; it worked, and I can load www.google.com and watch YouTube with Chrome. With Firefox, I failed.

6. Links to relevant resources:


Hmm, your post’s formatting seems a bit broken, could you fix it?

I tried to put it in good format, but failed. As a new user, I had the following warning:

“Sorry, new users can only put 4 links in a post. Remember to enclose Caddyfiles and logs with backticks (```) on empty lines immediately before and after the text - domains posted this way do not count as links.”

I did exactly as the warning said, but the warning still stopped my properly formatted post from publishing.

I put in a link to replace the many-line Caddyfile, but that did not work.

Format fixed.
The warning (4-link limitation for new users) has been removed, thanks.

You’ll have to make sure your client is configured correctly in order for the connection to succeed.

To troubleshoot, I would begin by removing things from the config, or starting with bare-bones minimal configuration and seeing where it stops working.

Thank you for the advice.
I deleted “probe_resistance caddyserver.com” from the Caddyfile, and the proxy works well.
However, when I access my website, it shows “ERR_UNEXPECTED_PROXY_AUTH”, indicating my website is a proxy. The probe_resistance function is missing.

I would believe there is a bug with the probe_resistance function.
