Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Stunnel enhancement.

    pfSense Packages
    1
    1
    504
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Symon
      last edited by

      With the increasing number of regimes worldwide cracking down on VPNs using deep packet inspection, it was good to see the recent return of stunnel to the maintained package list. To improve the security for our particular application, we hacked the package .xml and .inc files so that we can add a pre-shared key to implement client authentication using the GUI. This prevents anyone opening a tunnel on the stunnel server end without a secret key. It works like this https://www.stunnel.org/auth.html
      If the maintainer of the stunnel package happens to be reading this, you're welcome to our code which simply adds a PSK field at the bottom of the stunnel add page and then sticks that into the relevant files on the firewall. Works well for us.
      p.s. If anyone thinks this is a massive security mistake, please say why! Thanks.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.