<html>
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<font face="Century Gothic">Heikki,<br>
<br>
You can get this to work by making openvpn and stunnel separate:<br>
<br>
On the client side:<br>
<br>
[openvpn]<br>
client = yes<br>
accept = localhost:443<br>
connect = remote:20433<br>
<br>
On the server side<br>
client = no<br>
accept = 20443<br>
connect = 443<br>
<br>
The traffic will be doubly encrypted.� It might be easier just to
use openvpn for this connection.<br>
<br>
Carter<br>
</font><br>
<div class="moz-cite-prefix">On 3/22/2019 6:23 PM, Heikki Lavaste
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:DB6P194MB0167166D8B12BEE34609CB3894430@DB6P194MB0167.EURP194.PROD.OUTLOOK.COM">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
Hi,�</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
To bypass the office firewall to access home server, I'm trying
to run openvpn over port 443 with stunnel.�</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
I managed to get to this point:</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
Log on client side</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif;
font-size: 12pt; color: rgb(0, 0, 0);">
<span>2019.03.22 22:15:13 LOG5[38]: Connection closed: 352
byte(s) sent to TLS, 2067 byte(s) sent to socket<br>
</span>
<div>2019.03.22 22:15:19 LOG5[39]: Service [openvpn] accepted
connection from 127.0.0.1:51265<br>
</div>
<div>2019.03.22 22:15:19 LOG5[39]: s_connect: connected
x.x.x.x:443<br>
</div>
<div>2019.03.22 22:15:19 LOG5[39]: Service [openvpn] connected
remote server from x.x.x.x:51266<br>
</div>
<div>2019.03.22 22:15:19 LOG5[39]: Connection closed: 352
byte(s) sent to TLS, 2067 byte(s) sent to socket<br>
</div>
<div><br>
</div>
<div>Log on server side:</div>
<div><br>
</div>
<div><span>Mar 22 22:21:54 ssh-server-heikki stunnel[2797]:
LOG5[2797:140127128753920]: connect_blocking: connected
127.0.0.1:8443<br>
</span>
<div>Mar 22 22:21:54 ssh-server-heikki stunnel[2797]:
LOG5[2797:140127128753920]: Service [openvpn] connected
remote server from 127.0.0.1:49366<br>
</div>
<div>Mar 22 22:21:54 ssh-server-heikki stunnel[2797]:
LOG5[2797:140127128753920]: Connection closed: 2067 byte(s)
sent to SSL, 352 byte(s) sent to socket<br>
</div>
<span></span><br>
</div>
<div>Config:</div>
<div><br>
</div>
<div>Client</div>
<div><span>[openvpn]<br>
</span>
<div>client = yes<br>
</div>
<div>accept = localhost:1337<br>
</div>
<div>connect = x.x.x.xg:443<br>
</div>
<div>cert =
C:\Users\heikki_lavaste\Documents\stunnel\stunnel.pem<br>
</div>
<div>verifyChain = yes<br>
</div>
<div>verify = 2<br>
</div>
<div>CAfile =
C:\Users\heikki_lavaste\Documents\stunnel\ca-cert.pem<br>
</div>
<div>checkHost = stunnel.heikki-lab.local<br>
</div>
<span>sslVersion = TLSv1</span><br>
</div>
<div><span><br>
</span></div>
<div><span>Server</span></div>
<div><span><br>
</span></div>
<div><span><span>chroot = /var/run/stunnel<br>
</span>
<div>sslVersion = TLSv1<br>
</div>
<div>pid = /stunnel.pid<br>
</div>
<div>setuid = nobody<br>
</div>
<div>setgid = nobody<br>
</div>
<div>socket = l:TCP_NODELAY=1<br>
</div>
<div>socket = r:TCP_NODELAY=1<br>
</div>
<div>cert = /etc/stunnel/stunnel.pem<br>
</div>
<div>[openvpn]<br>
</div>
<div>accept = 443<br>
</div>
<div>connect = localhost:8443<br>
</div>
<div>cert = /etc/stunnel/stunnel.pem<br>
</div>
<span></span><br>
</span></div>
<div><span><br>
</span></div>
<div><span>The issue is probably nothing to do with stunnel but
if somebody can help me figure this out, that'd be
appreciated.</span></div>
<div><span><br>
</span></div>
<div><span><br>
</span></div>
<div><span>Kind Regards</span></div>
<div><span>Heikki</span></div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
stunnel-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:stunnel-users@stunnel.org">stunnel-users@stunnel.org</a>
<a class="moz-txt-link-freetext" href="https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users">https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users</a>
</pre>
</blockquote>
<br>
</body>
</html>