We are currently trying to add Stunnel to our application. Each time one of our clients tries to connect to the server it seems to make its call from a random port. We have set up the server config file to be:
[OurApp]
accept = 15366
connect = 15365
The config file on our client is set up as:
client = yes
[OurApp]
accept = 1308
connect = [serverIp]:15366
The problem that we are having is that the source port on our client changes every time we try to send data from our client to our server. So one time we send data the port will be 1308 and the next time will be 1309. We also tried to set up multiple configurations that were configured to accept on many ports and all connecting to [serverIP]:15366. Is there any way to get Stunnel working with our dynamic client port?
Thanks, MK
Matt Keoppel wrote:
> We are currently trying to add Stunnel to our application. Each time one of our clients tries to connect to the server it seems to make its call from a random port. We have set up the server config file to be:
> [OurApp]
> accept = 15366
> connect = 15365
> The config file on our client is set up as:
> client = yes
> [OurApp]
> accept = 1308
> connect = [serverIp]:15366
> The problem that we are having is that the source port on our client changes every time we try to send data from our client to our server. So one time we send data the port will be 1308 and the next time will be 1309. We also tried to set up multiple configurations that were configured to accept on many ports and all connecting to [serverIP]:15366. Is there any way to get Stunnel working with our dynamic client port?
> Thanks, MK

Hi Matt,
When a client-application connects to a server (without stunnel), it chooses a random free port as source to a well-defined port as destination, depending on the server-application: port 25 for SMTP, 143 for IMAP, etc. The server's application takes care of the rest. Now you want stunnel to secure the connection. You configure stunnel on the client to listen (accept) on that well-defined port of your server-application and to connect to a port of your choice on the server. On the server-side you configure stunnel to listen to that chosen port, and connect to the well-defined port on the server. Your client-application has to be configured to connect to "localhost" (127.0.0.1). So to your client-application it's like the server runs on the client.
That's it. I hope this helps your understanding of stunnel.
Regards, Koenraad Lelong.
Hi,
I have been using Stunnel for about a year now, and must say it works great (as it should). However I would like to include the source in my visual studio (basic) project. Has anyone got any experience in doing this? It's a one-click application.
Kind regards,
Reinier
On Tue, 2009-09-01 14:08:12 -0700, Matt Keoppel wrote:
> We are currently trying to add Stunnel to our application. Each time one of our clients tries to connect to the server it seems to make its call from a random port.

This is commonly the case for client/server relations on IP.

> We have set up the server config file to be:
> [OurApp]
> accept = 15366
> connect = 15365
> The config file on our client is set up as:
> client = yes
> [OurApp]
> accept = 1308
> connect = [serverIp]:15366

This looks o.k. (provided that you also have entries for the certificates and key).

> The problem that we are having is that the source port on our client changes every time we try to send data from our client to our server.

I don't see why this is a problem.

As far as I understand your setup (a client application, two stunnel instances and a server application), there are three TCP connections involved, using in total six sockets. Three of them are described in your stunnel.conf files, the other three are chosen randomly:

  client app
  [random socket #1]
      |
      V
  [localhost:1308]
  1st stunnel instance
  [random socket #2]
      |
      V
  [serverIP:15366]
  2nd stunnel instance
  [random socket #3]
      |
      V
  [serverIP:15365]
  server application

I suppose you didn't recognize each IP connection is a connection between two sockets, one at each end.
Ludolf
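
The three-connection layout in the diagram above can be reproduced on one machine. This is an added example, not code from any post in the thread: plain TCP forwarders stand in for the two stunnel instances (no TLS), every port is assigned by the OS, and all function names are made up for the illustration.

```python
import socket
import threading

def serve(handler):
    """Listen on a fixed port (OS-assigned here); run handler per connection."""
    lsock = socket.create_server(("127.0.0.1", 0))
    def loop():
        while True:
            conn, peer = lsock.accept()
            threading.Thread(target=handler, args=(conn, peer), daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return lsock.getsockname()[1]

def pipe(src, dst):
    """Copy bytes one way until src closes, then pass the EOF on."""
    while data := src.recv(4096):
        dst.sendall(data)
    try:
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass  # peer already gone

def forwarder(target_port, seen):
    """Stand-in for one stunnel instance: accept locally, connect onward."""
    def handler(conn, peer):
        seen.append(peer[1])  # source port of the incoming connection
        with conn, socket.create_connection(("127.0.0.1", target_port)) as up:
            t = threading.Thread(target=pipe, args=(conn, up), daemon=True)
            t.start()
            pipe(up, conn)
            t.join()
    return serve(handler)

def app_handler(conn, peer):
    """Server application: echo the request, prefixed by the source port it sees."""
    with conn:
        conn.sendall(f"{peer[1]}:".encode() + conn.recv(4096))

def run_demo(n=3):
    seen1, seen2 = [], []
    app_port = serve(app_handler)        # plays serverIP:15365
    hop2 = forwarder(app_port, seen2)    # plays serverIP:15366
    hop1 = forwarder(hop2, seen1)        # plays localhost:1308
    results = []
    for _ in range(n):
        with socket.create_connection(("127.0.0.1", hop1)) as c:
            c.sendall(b"ping")
            reply = b"".join(iter(lambda: c.recv(4096), b""))
            results.append((c.getsockname()[1], reply))
    return hop1, seen1, results
```

Calling `run_demo()` returns the fixed port the client dialled, the source ports the first forwarder saw, and for each connection the client's own source port with the server's reply. The port in each reply is the second forwarder's outgoing port (random socket #3), so a server behind stunnel never sees the client's source port and cannot rely on it for filtering or identification.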