Posts Tagged openvpn
Improving my OpenVPN Ansible Playbook
Posted by Kyle Lexmond in Sysadmin on April 11, 2016
I had a working OpenVPN configuration. But it wasn’t the best it could be. The manpage for OpenVPN 2.3 (community.openvpn.net/openvpn/wiki/Openvpn23ManPage) was used to find particularly interesting options. For most of the changes I had to find examples and more information through Googling, though blog.g3rt.nl/openvpn-security-tips.html is of particular note for popping up very often. Improving TLS […]
OpenVPN & China’s Firewall
Posted by Kyle Lexmond in Personal, Sysadmin on May 10, 2013
Ended up choosing an SSH SOCKS proxy + Tunnelblick because it had the fewest moving parts. Combined with a passwordless SSH key, I saw this status on Facebook today: Kyle is truly a computer wizard! as in, his Tunnelblick thingy is working! Location? China. Success.
Now that I’m actually looking for it
Posted by Kyle Lexmond in Sysadmin on December 28, 2012
I’m seeing stuff about China’s blocking VPNs everywhere: New York Times, the BBC, and of course, Slashdot. Interesting tidbit: OpenVPN over TCP on port 53 apparently works. Not sure why it’d be like that, but maybe it’s something unexpected from infrastructure put in place for DNS poisoning. Possibly unrestricted, but mirrored to the DNS servers, […]
Tunneling OpenVPN through SSH
Posted by Kyle Lexmond in Sysadmin on December 26, 2012
Having a bit of time, and remembering that OpenVPN had an option for SOCKS proxies, I decided to take a stab at getting OpenVPN to work through a SOCKS proxy. It was far easier than expected.
Tunneling OpenVPN through stunnel
Posted by Kyle Lexmond in Sysadmin on December 26, 2012
Continuing my string of posts on trying to get OpenVPN working through China’s Great Firewall… and a recent (and unexpected but much appreciated) report that TCP & UDP ports are blocked quickly, I’m now looking at getting OpenVPN to work with stunnel. My assumption is that the GFW is detecting the OpenVPN packets, since they’re […]
Getting OpenVPN to run on random ports
Posted by Kyle Lexmond in Sysadmin on December 22, 2012
As I mentioned in a previous post, I have a friend who’s heading to China. I have an OpenVPN server. I thought the two would match together well, but then China went and started to filter & kill OpenVPN connections, and block those IP/port combinations. People are reporting that using a random port (as supported […]
OpenVPN and China’s Great Firewall
Posted by Kyle Lexmond in Sysadmin on December 20, 2012
Slashdot linked to an article on China restricting VPN access, in particular OpenVPN clients. (Also: OpenVPN’s forums has a similar report) The problem seems to be they’ve implemented some sort of protocol detection that’ll flag and block OpenVPN connections after a while. Unfortunately, this is no longer an academic problem for me, since I’ve got a […]
Getting OpenVPN to work on an OpenVZ VPS
Posted by Kyle Lexmond in Linux, Sysadmin on September 28, 2012
Note: This is a personal VPN, so I just used static keys. A general guide to getting OpenVPN set up is available on the OpenVPN website, but this guide is targeted at CentOS 5 on an OpenVZ VPS. This guide should be usable in other RH derivatives without much (any?) modification; and with slight modifications […]