Netgate Discussion Forum

    stunnel question

    pfSense Packages
    • DerKlaus

      Hello.

      Are these the latest settings?

      WAN-IP should in most cases be your static wan ip address, but lan ip works as well.
      ----------------------------------------------
      cert = /usr/local/etc/stunnel/stunnel.pem
      chroot = /var/tmp/stunnel
      setuid = stunnel
      setgid = stunnel
      [stunnel]
      key = /usr/local/etc/stunnel/f8ea8f75.key
      cert = /usr/local/etc/stunnel/f8ea8f75.chain
      local = your-WAN-IP
      accept = your-WAN-IP:443
      connect = your-WAN-IP:1194
      TIMEOUTclose = 0
      ----------------------------------------------
      --OpenVPN server must be set for TCP and not UDP.
      

      I am also trying to configure the OpenVPN client with the STunnel package.

      1. First, I have to use OpenVPN Client TCP, right?
      2. Then under Services => STunnel these settings?
      • Description [STunnel]
      • Client Mode [YES]
      • Listen on IP [127.0.0.1]
      • Listen on Port [443]
      • Redirects to IP [amsterdam.server.com]
      • Redirects to Port [1142]
      • Outgoing Source IP [?]

      Are these settings correct?
      3. I use load balancing with 4 x amsterdam.server.com. How do I have to configure it for load balancing?

      Thanks

      Klaus

      • DerKlaus

        I have now configured OpenVPN Client and stunnel from AirVPN.

        browse "VPN: OpenVPN: Client"
        Protocol: TCP
        Interface: Localhost
        Server host or address: 127.0.0.1
        Server port: 995
        Advanced:
               route Server_IP 255.255.255.255 net_gateway
        

        And with this stunnel configuration:

        [Screenshot: stunnel-resized.png]

        I'm now trying to configure load balancing with 4 identical OpenVPN clients.

        My problem: the OpenVPN clients always crash.
        I get an error message:

        /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1547574979] unbound[12781:0] error: can't bind socket: Address already in use for 127.0.0.1 port 953 [1547574979] unbound[12781:0] error: cannot open control interface 127.0.0.1 953 [1547574979] unbound[12781:0] fatal error: could not open ports'
        

        Can someone help me?

        best regards

        Klaus

        • DerKlaus

          Who wrote the stunnel package?

          Why is only ip 127.0.0.1 accepted and not other IPs in "Listen on IP" field?

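Added example, not from the thread or from the pfSense stunnel package: a small checker for stunnel.conf files in the format quoted in the first post. It flags two things that matter when several client-mode services run side by side: an `accept` endpoint used by more than one service, and a client-mode service that sets none of `verifyChain`, `verifyPeer` or `verify`, in which case stunnel does not check the server certificate. Service names, hosts and ports in the sample are constructed placeholders.

```python
# Constructed sample: client-mode services, one per OpenVPN client.
# Service names, hosts and ports are placeholders, not values from the thread.
SAMPLE = """\
client = yes
[ovpn1]
accept = 127.0.0.1:1413
connect = vpn1.example.net:443
verifyChain = yes
CAfile = /usr/local/etc/stunnel/ca.pem
[ovpn2]
accept = 127.0.0.1:1414
connect = vpn2.example.net:443
[ovpn3]
accept = 127.0.0.1:1414
connect = vpn3.example.net:443
verify = 2
"""

def parse(text):
    """Return (global_options, {service: options}); option names lower-cased."""
    glob, services, cur = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            cur = services.setdefault(line[1:-1], {})
        elif "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            (glob if cur is None else cur)[key.lower()] = value
    return glob, services

def audit(text):
    """List (service, problem) pairs for duplicate accepts and unverified clients."""
    glob, services = parse(text)
    findings, by_accept = [], {}
    for name, opts in services.items():
        eff = {**glob, **opts}                   # global values act as defaults
        if "accept" in eff:
            by_accept.setdefault(eff["accept"].lower(), []).append(name)
        verifies = ("yes" in (eff.get("verifychain", "").lower(),
                              eff.get("verifypeer", "").lower())
                    or eff.get("verify", "0") != "0")
        if eff.get("client", "no").lower() == "yes" and not verifies:
            findings.append((name, "client mode, server certificate not verified"))
    for endpoint, names in by_accept.items():
        if len(names) > 1:
            findings.append((",".join(names), "accept %s used more than once" % endpoint))
    return findings
```

The duplicate check compares `accept` values as literal strings, so `443` and `127.0.0.1:443` are treated as different endpoints.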