app/proxyman/inbound: connection ends > proxy/vmess/inbound: invalid request from 58.39.118.225:56983 > common/drain: common/drain: unable to drain connection > EOF > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received.

[shufanhao]

除非特殊情况，请完整填写所有问题。不按模板发的 issue 将直接被关闭。 如果你遇到的问题不是 V2Ray 的 bug，比如你不清楚要如何配置，请使用Discussion进行讨论。

1) 你正在使用哪个版本的 V2Ray？（如果服务器和客户端使用了不同版本，请注明） 服务端：4.44.0 ， 客户端: V2RayX(Version 1.5.1 (1278)) 2) 你的使用场景是什么？比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。 使用safari或chrome 通过VMess 代理访问google. 3) 你看到的不正常的现象是什么？（请描述具体现象，比如访问超时，TLS 证书错误等） 访问超时，打不开google. 4) 你期待看到的正确表现是怎样的？ 能正常打开google，或者YouTube. 5) 请附上你的配置（提交 Issue 前请隐藏服务器端IP地址）。

服务器端配置:

{
    "log": {
        "access": "/var/log/v2ray/access.log",
        "error": "/var/log/v2ray/error.log",
        "loglevel": "debug"
    },
    "inbound": {
        "port":31462,
        "protocol": "vmess",

        "settings": {
            "clients": [
                {
                    "id": "xxxx",
                    "level": 1,
                    "alterId": 64
                }
            ]
        },
        "streamSettings": {
            "network": "kcp"
        },
        "detour": {
            "to": "vmess-detour-522598"
        }
    },
    "outbounds": [
    {
      "protocol": "freedom",
      "settings": {}
    }
  ]
}

客户端配置:

{
  "routing" : {
    "name" : "all_to_main",
    "domainStrategy" : "AsIs",
    "rules" : [
      {
        "type" : "field",
        "outboundTag" : "test server",
        "port" : "0-65535"
      }
    ]
  },
  "inbounds" : [
    {
      "listen" : "127.0.0.1",
      "protocol" : "socks",
      "settings" : {
        "ip" : "127.0.0.1",
        "auth" : "noauth",
        "udp" : true
      },
      "tag" : "socksinbound",
      "port" : 1081
    },
    {
      "listen" : "127.0.0.1",
      "protocol" : "http",
      "settings" : {
        "timeout" : 0
      },
      "tag" : "httpinbound",
      "port" : 1087
    }
  ],
  "dns" : {
    "servers" : [
      "localhost"
    ]
  },
  "log" : {
    "error" : "\/var\/folders\/ly\/_1t18yhd74gd3fgymh37wk7w0000gn\/T\/cenmrev.v2rayx.log\/error.log",
    "loglevel" : "info",
    "access" : "\/var\/folders\/ly\/_1t18yhd74gd3fgymh37wk7w0000gn\/T\/cenmrev.v2rayx.log\/access.log"
  },
  "outbounds" : [
    {
      "sendThrough" : "0.0.0.0",
      "mux" : {
        "enabled" : false,
        "concurrency" : 8
      },
      "protocol" : "vmess",
      "settings" : {
        "vnext" : [
          {
            "address" : "192.248.174.38",
            "users" : [
              {
                "id" : "a1a94c36-f84d-43cd-9816-f17220487a42",
                "alterId" : 64,
                "security" : "auto",
                "level" : 1
              }
            ],
            "port" : 31462
          }
        ]
      },
      "tag" : "test server",
      "streamSettings" : {
        "sockopt" : {

        },
        "quicSettings" : {
          "key" : "",
          "header" : {
            "type" : "none"
          },
          "security" : "none"
        },
        "tlsSettings" : {
          "allowInsecure" : false,
          "alpn" : [
            "http\/1.1"
          ],
          "serverName" : "server.cc",
          "allowInsecureCiphers" : false
        },
        "wsSettings" : {
          "path" : "",
          "headers" : {

          }
        },
        "httpSettings" : {
          "path" : "",
          "host" : [
            ""
          ]
        },
        "tcpSettings" : {
          "header" : {
            "type" : "none"
          }
        },
        "kcpSettings" : {
          "header" : {
            "type" : "none"
          },
          "mtu" : 1350,
          "congestion" : false,
          "tti" : 20,
          "uplinkCapacity" : 5,
          "writeBufferSize" : 1,
          "readBufferSize" : 1,
          "downlinkCapacity" : 20
        },
        "security" : "none",
        "network" : "kcp"
      }
    }
  ]
}

6) 请附上出错时软件输出的错误日志。在 Linux 中，日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:

2022/01/16 14:45:12 [Info] transport/internet/kcp: #30683 creating connection to 58.39.118.225:55749
2022/01/16 14:45:15 [Info] transport/internet/kcp: #30684 creating connection to 58.39.118.225:55750
2022/01/16 14:45:15 [Info] transport/internet/kcp: #30685 creating connection to 58.39.118.225:55751
2022/01/16 14:45:15 [Info] transport/internet/kcp: #30686 creating connection to 58.39.118.225:55752
2022/01/16 14:45:24 [Debug] transport/internet/kcp: #30672 entering state 4 at 35032
2022/01/16 14:45:24 [Info] [2914957906] app/proxyman/inbound: connection ends > proxy/vmess/encoding: failed to read request header > EOF
2022/01/16 14:45:24 [Debug] transport/internet/kcp: #30672 entering state 5 at 35032
2022/01/16 14:45:24 [Info] transport/internet/kcp: #30672 closing connection to 58.39.118.225:55849
2022/01/16 14:45:24 [Info] transport/internet/kcp: #30672 terminating connection to 58.39.118.225:55849
2022/01/16 14:45:25 [Debug] transport/internet/kcp: #30679 entering state 4 at 35007
2022/01/16 14:45:25 [Info] [182318016] app/proxyman/inbound: connection ends > proxy/vmess/inbound: invalid request from 58.39.118.225:55865 > common/drain: common/drain: unable to drain connection > EOF > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received. You can still disable this security feature with environment variable v2ray.vmess.aead.forced = false . You will not be able to enable legacy header workaround in the future.
2022/01/16 14:45:25 [Debug] transport/internet/kcp: #30679 entering state 5 at 35007
2022/01/16 14:45:25 [Info] transport/internet/kcp: #30679 closing connection to 58.39.118.225:55865
2022/01/16 14:45:25 [Info] transport/internet/kcp: #30679 terminating connection to 58.39.118.225:55865

客户端错误日志:

 2022/01/16 22:45:20 [Info] [1795909714] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > context canceled
2022/01/16 22:45:20 [Info] [1795909714] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > context canceled
2022/01/16 22:45:21 [Info] v2ray.com/core/transport/internet/kcp: #30679 closing connection to 192.248.174.38:31462
2022/01/16 22:45:21 [Info] [882519820] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > context canceled
2022/01/16 22:45:21 [Info] [882519820] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > context canceled
2022/01/16 22:45:31 [Info] v2ray.com/core/transport/internet/kcp: #30685 closing connection to 192.248.174.38:31462
2022/01/16 22:45:31 [Info] [4072818911] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > context canceled
2022/01/16 22:45:31 [Info] [4072818911] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > context canceled

7) 请附上访问日志。在 Linux 中，日志通常在 /var/log/v2ray/access.log 文件中。

2022/01/16 14:44:42 58.39.118.225:55827 rejected  common/drain: common/drain: unable to drain connection > transport/internet/kcp: Read/Write timeout > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received. You can still disable this security feature with environment variable v2ray.vmess.aead.forced = false . You will not be able to enable legacy header workaround in the future.
2022/01/16 14:45:25 58.39.118.225:55865 rejected  common/drain: common/drain: unable to drain connection > EOF > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received. You can still disable this security feature with environment variable v2ray.vmess.aead.forced = false . You will not be able to enable legacy header workaround in the future.

8) 其它相关的配置文件（如 Nginx）和相关日志。

9) 如果 V2Ray 无法启动，请附上 --test 输出。

通常的命令为 /usr/bin/v2ray/v2ray --test --config /etc/v2ray/config.json。请按实际情况修改。

10) 如果 V2Ray 服务运行不正常，请附上 journal 日志。

通常的命令为 journalctl -u v2ray。

请预览一下你填的内容再提交。

[SxLvIo]

alterId: 0

[shufanhao]

@selviodzn thanks for replying. alterId must be set to 0 ? Previously, I use alterId 64, it works well.

[SxLvIo]

将额外ID（AlterID）设置为0。因为自2022年起v2ray服务端将强制启用aead认证机制.

[shufanhao]

@selviodzn I changed AlertID as 0 both server and client, it looks still doesn't work. Would you help to take a look ? Appreciated.

Server logs:

2022/01/18 06:25:43 [Info] transport/internet/kcp: #11400 closing connection to 117.136.8.119:37608
2022/01/18 06:25:43 [Info] transport/internet/kcp: #11400 terminating connection to 117.136.8.119:37608
2022/01/18 06:25:48 [Info] transport/internet/kcp: #11404 creating connection to 117.136.8.119:37612
2022/01/18 06:25:48 [Info] transport/internet/kcp: #11403 creating connection to 117.136.8.119:37613
2022/01/18 06:25:48 [Info] [1432039414] app/proxyman/inbound: connection ends > proxy/vmess/inbound: invalid request from 117.136.8.119:37607 > common/drain: common/drain: unable to drain connection > transport/internet/kcp: Read/Write timeout > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received. You can still disable this security feature with environment variable v2ray.vmess.aead.forced = false . You will not be able to enable legacy header workaround in the future.

Client logs:

2022/01/18 14:25:48 [Info] v2ray.com/core/transport/internet/kcp: #11398 terminating connection to 45.76.242.38:31462
2022/01/18 14:25:48 [Info] [973027203] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP response > io: read/write on closed pipe

[SxLvIo]

里面有解决方法，希望能帮到你https://github.com/233boy/v2ray/issues/812#issuecomment-1006285593

On Tue., Jan. 18, 2022, 2:28 p.m. Frank @.***> wrote:

@selviodzn https://github.com/selviodzn I changed AlertID as 0 both server and client, it looks still doesn't work. Would you help to take a look ? Appreciated.

Server logs:

2022/01/18 06:25:43 [Info] transport/internet/kcp: #11400 closing connection to 117.136.8.119:37608 2022/01/18 06:25:43 [Info] transport/internet/kcp: #11400 terminating connection to 117.136.8.119:37608 2022/01/18 06:25:48 [Info] transport/internet/kcp: #11404 creating connection to 117.136.8.119:37612 2022/01/18 06:25:48 [Info] transport/internet/kcp: #11403 creating connection to 117.136.8.119:37613 2022/01/18 06:25:48 [Info] [1432039414] app/proxyman/inbound: connection ends > proxy/vmess/inbound: invalid request from 117.136.8.119:37607 > common/drain: common/drain: unable to drain connection > transport/internet/kcp: Read/Write timeout > proxy/vmess/encoding: invalid user: VMessAEAD is enforced and a non VMessAEAD connection is received. You can still disable this security feature with environment variable v2ray.vmess.aead.forced = false . You will not be able to enable legacy header workaround in the future.

Client logs:

2022/01/18 14:25:48 [Info] v2ray.com/core/transport/internet/kcp: #11398 terminating connection to 45.76.242.38:31462 2022/01/18 14:25:48 [Info] [973027203] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP response > io: read/write on closed pipe

— Reply to this email directly, view it on GitHub https://github.com/v2ray/v2ray-core/issues/2966#issuecomment-1015108968, or unsubscribe https://github.com/notifications/unsubscribe-auth/AODOTP47QP6N22UIX3E6SOTUWUCA5ANCNFSM5MC3FTIA . You are receiving this because you were mentioned.Message ID: @.***>

[lijyze]

@selviodzn 大佬你好。 我在Mac上用的是v2rayu，alterID改成0以后连接成功了。 但是在手机上用Kitsunebi，alterID改成0以后，服务端的log仍然提示aead相关的东西。 所以我想问下，是不是Kitsunebi还需要更改某些设置。还是说只能通过修改v2ray.vmess.aead.forced = false的方式让移动端可以连接？

[SxLvIo]

应该是客户端的问题，试试小火箭

On Tue, 18 Jan 2022, 23:52 lijyze, @.***> wrote:

@selviodzn https://github.com/selviodzn 大佬你好。 我在Mac上用的是v2rayu，alterID改成0以后连接成功了。 但是在手机上用Kitsunebi，alterID改成0以后，服务端的log仍然提示aead相关的东西。 所以我想问下，是不是Kitsunebi还需要更改某些设置。还是说只能通过修改v2ray.vmess.aead.forced = false的方式让移动端可以连接？

— Reply to this email directly, view it on GitHub https://github.com/v2ray/v2ray-core/issues/2966#issuecomment-1015547966, or unsubscribe https://github.com/notifications/unsubscribe-auth/AODOTP6CKLJ4FB4J4WXY4O3UWWEDHANCNFSM5MC3FTIA . You are receiving this because you were mentioned.Message ID: @.***>

[lijyze]

小火箭测试好用，谢谢楼上大佬！

[shufanhao]

最后解决方法：

1. change AlterID to 0 for file /usr/local/etc/v2ray/config.json in server and client.
2. Update /etc/systemd/system/v2ray.service, add Environment="V2RAY_VMESS_AEAD_FORCED=false" before ExecStart

   [Service]
   User=nobody
   CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
   AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
   NoNewPrivileges=true
   Environment="V2RAY_VMESS_AEAD_FORCED=false"
   ExecStart=/usr/bin/v2ray/v2ray -config /usr/local/etc/v2ray/config.json
   Restart=on-failure
   RestartPreventExitStatus=23

   能上网的感觉，真好。

[hao-lee]

我今天把服务端重启了一下也遇到了这个问题，id改成0就行了，神奇，我没更新过服务端啊。

[lijonnas]

最后解决方法：

1. change AlterID to 0 for file /usr/local/etc/v2ray/config.json in server and client.
2. Update /etc/systemd/system/v2ray.service, add Environment="V2RAY_VMESS_AEAD_FORCED=false" before ExecStart

[Service]
User=nobody
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE
NoNewPrivileges=true
Environment="V2RAY_VMESS_AEAD_FORCED=false"
ExecStart=/usr/bin/v2ray/v2ray -config /usr/local/etc/v2ray/config.json
Restart=on-failure
RestartPreventExitStatus=23

能上网的感觉，真好。

亲测可用，我的系统是CentOS 7.9

[github-actions[bot]]

This issue is stale because it has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days

[ilovelxy]

这两个选项打开就不报错了……