Michael - thanks for your response. I did not see the "ip:port" syntax you suggested in the stunnel doc, so I just use 'port'. Below is the config I tried: [DBSERVER] connect = 3389 CAfile = stunnel.pem When running I got the following errors: [ ] Initializing inetd mode configuration [ ] Running on Windows 6.2 [ ] No limit detected for the number of clients [.] stunnel 5.70 on x64-pc-mingw32-gnu platform [.] Compiled/running with OpenSSL 3.0.9 30 May 2023 [.] Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNI [ ] errno: (*_errno()) [ ] Initializing inetd mode configuration [ ] Running on Windows 6.2 [.] Reading configuration from file C:\Program Files (x86)\stunnel\config\stunnel.conf [.] UTF-8 byte order mark detected [.] FIPS mode disabled [ ] Compression disabled [ ] No PRNG seeding was required [ ] Initializing service [DBSERVER] [!] Service [DBSERVER]: TLS server needs a certificate [!] Configuration failed [ ] Deallocating temporary section defaults [ ] Deallocating section [DBSERVER] Notice "TLS server needs a certificate". The installation dialog steps me through creating a certificate which it puts in stunnel.pem. So why this message? I also tried the full pathname to stunnel.pem. --Mark -----Original Message----- From: Michael Curran <michael.curran@cosocloud.com> To: Mark Foley <mfoley@novatec-inc.com>, "stunnel-users@stunnel.org" <stunnel-users@stunnel.org> Subject: Re: [stunnel-users] Need help setting up new stunnel config Date: Fri, 1 Sep 2023 13:12:30 +0000 accept is the port you want them to connect on remotely – which would have to be other than 3389 since it is open already connect would be 3389 I think in the connection string for RDC you can just specify ip:port to connect If you cannot , you can also redesignate the port remote desktop answers on -- Michael Curran Systems Architect| CoSo Cloud D 614.568.2285 | C 614.403.6320 | michael.curran@cosocloud.com From: Mark Foley <mfoley@novatec-inc.com> Date: Thursday, August 31, 2023 at 11:33 AM To: stunnel-users@stunnel.org <stunnel-users@stunnel.org> Subject: [stunnel-users] Need help setting up new stunnel config I used stunnel about 5 years ago and now I want to use it again, but my notes are terrible and I'm having trouble getting started. I want to create a connection between Windows computer on port 3389. The "client" will be some remote Windows computer, perhaps at someone's home office. The "server" will be a Windows workstation at the office. I've installed stunnel 5.70 on a Windows 10 workstation at the office, hostname COMMONW10. I'm at a loss creating the config file on this machine. I have: [COMMONW10] ;client = yes accept = 3389 ;connect = ???:xxxx CAfile = stunnel.pem The stunnel.pem was create when I installed stunnel. I have no idea what the 'connect' line should have. When I run stunnel (clicking on desktop icon) I get: [.] Configuration successful [ ] Deallocating deployed section defaults [ ] Binding service [COMMONW10] [ ] Listening file descriptor created (FD=724) [ ] Setting accept socket options (FD=724) [ ] Option SO_EXCLUSIVEADDRUSE set on accept socket [.] Binding service [COMMONW10] to 127.0.0.1:3389: Permission denied (WSAEACCES) (10013) [!] Binding service [COMMONW10] failed [ ] Unbinding service [COMMONW10] [ ] Service [COMMONW10] closed [ ] Deallocating deployed section defaults [ ] Deallocating section [COMMONW10] [ ] Initializing inetd mode configuration [ ] Running on Windows 6.2 Server is down I'm assuming the "Permission denied" is because Remote Desktop is already listening on 3389. So, I'm stuck and feeling quite ignorant! Help appreciated. --Mark _______________________________________________ stunnel-users mailing list -- stunnel-users@stunnel.org To unsubscribe send an email to stunnel-users-leave@stunnel.org This is an external email and may have suspicious content. Please take care when clicking links or opening attachments. When in doubt, contact your IT Department.