I'm developing a Telegram bot, but the API is banned here (Iran), so I have to use a VPN or I can't make a single call to the Bot API.
For development I'm using Docker and docker-compose on Ubuntu 18, and my VPN client is an OpenConnect Cisco VPN.
When I establish the VPN connection on the host, the host can work with the API with no problem at all, but in the container I get a weird error, as described below.
If I run this command in the container without the VPN:
curl -v https://api.telegram.org/botXXX/getMe
I instantly get the following error (and it is expected because of censorship):
curl: (7) Failed to connect to api.telegram.org port 443: Connection refused
With the VPN connected, running the same command on the host just returns a normal response,
but in the container it hangs for a long time (~1 min) and then responds with the following:
* Trying 149.154.167.220...
* TCP_NODELAY set
* Connected to api.telegram.org (149.154.167.220) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* (304) (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.telegram.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.telegram.org:443
I'm sure the container traffic is going through the VPN because my public IP is changed to the VPN location, and even if I try to open some other censored websites (e.g. YouTube, Facebook) I get a 200 status code with no problem.
I tried with both --network host and --network my_bridge and had no luck.
So, any idea where this problem comes from? Is it related to the OpenConnect client? Why does this happen only with this API and not the many other addresses I tried? And maybe a fix?