Michael - thanks for your response.
I did not see the "ip:port" syntax you suggested in the stunnel doc, so I just use 'port'. Below is the config I tried:
[DBSERVER] connect = 3389 CAfile = stunnel.pem
When running I got the following errors:
[ ] Initializing inetd mode configuration [ ] Running on Windows 6.2 [ ] No limit detected for the number of clients [.] stunnel 5.70 on x64-pc-mingw32-gnu platform [.] Compiled/running with OpenSSL 3.0.9 30 May 2023 [.] Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI [ ] errno: (*_errno()) [ ] Initializing inetd mode configuration [ ] Running on Windows 6.2 [.] Reading configuration from file C:\Program Files (x86)\stunnel\config\stunnel.conf [.] UTF-8 byte order mark detected [.] FIPS mode disabled [ ] Compression disabled [ ] No PRNG seeding was required [ ] Initializing service [DBSERVER] [!] Service [DBSERVER]: TLS server needs a certificate [!] Configuration failed [ ] Deallocating temporary section defaults [ ] Deallocating section [DBSERVER]
Notice "TLS server needs a certificate". The installation dialog steps me through creating a certificate which it puts in stunnel.pem. So why this message? I also tried the full pathname to stunnel.pem.
--Mark
-----Original Message----- From: Michael Curran michael.curran@cosocloud.com To: Mark Foley mfoley@novatec-inc.com, "stunnel-users@stunnel.org" stunnel-users@stunnel.org Subject: Re: [stunnel-users] Need help setting up new stunnel config Date: Fri, 1 Sep 2023 13:12:30 +0000
accept is the port you want them to connect on remotely – which would have to be other than 3389 since it is open already connect would be 3389
I think in the connection string for RDC you can just specify ip:port to connect
If you cannot , you can also redesignate the port remote desktop answers on
-- Michael Curran Systems Architect| CoSo Cloud D 614.568.2285 | C 614.403.6320 | michael.curran@cosocloud.com
From: Mark Foley mfoley@novatec-inc.com Date: Thursday, August 31, 2023 at 11:33 AM To: stunnel-users@stunnel.org stunnel-users@stunnel.org Subject: [stunnel-users] Need help setting up new stunnel config I used stunnel about 5 years ago and now I want to use it again, but my notes are terrible and I'm having trouble getting started.
I want to create a connection between Windows computer on port 3389. The "client" will be some remote Windows computer, perhaps at someone's home office. The "server" will be a Windows workstation at the office.
I've installed stunnel 5.70 on a Windows 10 workstation at the office, hostname COMMONW10. I'm at a loss creating the config file on this machine. I have:
[COMMONW10] ;client = yes accept = 3389 ;connect = ???:xxxx CAfile = stunnel.pem
The stunnel.pem was create when I installed stunnel. I have no idea what the 'connect' line should have. When I run stunnel (clicking on desktop icon) I get:
[.] Configuration successful [ ] Deallocating deployed section defaults [ ] Binding service [COMMONW10] [ ] Listening file descriptor created (FD=724) [ ] Setting accept socket options (FD=724) [ ] Option SO_EXCLUSIVEADDRUSE set on accept socket [.] Binding service [COMMONW10] to 127.0.0.1:3389: Permission denied (WSAEACCES) (10013) [!] Binding service [COMMONW10] failed [ ] Unbinding service [COMMONW10] [ ] Service [COMMONW10] closed [ ] Deallocating deployed section defaults [ ] Deallocating section [COMMONW10] [ ] Initializing inetd mode configuration [ ] Running on Windows 6.2
Server is down
I'm assuming the "Permission denied" is because Remote Desktop is already listening on 3389. So, I'm stuck and feeling quite ignorant!
Help appreciated.
--Mark _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org This is an external email and may have suspicious content. Please take care when clicking links or opening attachments. When in doubt, contact your IT Department.