

Config openvpn with stunnel how to

In this blog post I’ll show you how to get a VPN-connection up and running through (almost) any firewall:

- A server at home (on an unrestricted line) acts as an OpenVPN-server, while the client is connected to a very restrictive network (e.g. a hotel wifi or some free municipal wifis but think twice before messing with your employer’s corporate network or even the Great Firewall of China.)
- OpenVPN-traffic is encapsulated in regular SSL/TLS in order to hide it from intrusive firewalls (doing Deep Packet Inspection).
- This “stunneled” VPN-connection is exposed to the outside world on port 443 (which is often the only non-blocked port available).
- Port 443 is still available for regular https-hosting. This is achieved through port-sharing implemented by sniproxy.
- All of this is implemented on a Raspberry Pi! (Except for the actual VPN-server, but that’s the least interesting part of the whole setup anyway. I’m simply documenting my own setup, feel free to run the openvpn-server on the Pi too.)

An obvious prerequisite is to have a public IP address for your server (i.e. You may use your own domain or open an account at one of the numerous “dynamic DNS” providers. The example setup is for a registered domain called “ ”. A total of three subdomains are supposed to point to the public IP of the server: one for the VPN service (“”) and two for various other self-hosted web services (“ ” and “ ”). All of this on the standard SSL-port 443 and a single IP.

The web is full of excellent HOWTOs explaining how to set up OpenVPN on almost any platform. Sometimes it’s as easy as clicking a few buttons (NAS, routers, etc.) Note however that the VPN must be using TCP for its connections (instead of the default UDP). Technically this is not an optimal VPN configuration, but it’s a requirement for our intended setup. For the remainder of this post, I’ll suppose the openvpn-server is listening on an internal server reachable as “vpnserver:1194”.
