2 months ago
Hi Railway Support,
When accessing a Railway app through a corporate forward proxy, the TLS handshake does not proceed. Does Railway have a policy that blocks traffic coming through proxies?
If there are any IP allowlisting options or network requirements on Railway's side, please let us know.
Thank you.
1 Replies
2 months ago
We do not block traffic from proxies. However, all inbound traffic requires TLS 1.2 or above and SNI (Server Name Indication) is mandatory for correct certificate matching. Corporate forward proxies that perform TLS interception or strip SNI headers will cause handshake failures since our edge requires SNI to route and serve the correct certificate. You would need to confirm with your corporate network team that the proxy forwards SNI properly and supports TLS 1.2+. We do not offer IP allowlisting for inbound traffic. More details are in our Specs & Limits documentation.
Status changed to Awaiting User Response Railway • about 2 months ago
a month ago
This thread has been marked as solved automatically due to a lack of recent activity. Please re-open this thread or create a new one if you require further assistance. Thank you!
Status changed to Solved Railway • about 1 month ago