Openvpn wrapped by stunnel
openvpn protocol got blocked in my country (tcp udp different ports).
I heard that stunnel can wrap openvpn traffic to normal ssl so that DPI not easily identify.
my vpn provider having stunnel ssl options and openvpn of course.
I have searched many sites but nothing for pfsense.
vpn provider provide stunnel.conf and CA certificate (.pem)
Is there any guide (step by step) how to run stunnel ?
I have tried but always getting certificate error.
i am willing to connect as a client only.
There are no guides and that's typically a bad idea anyhow.
Use pfSense 2.4 and activate OpenVPN 2.4's "TLS Crypt" mode instead. Assuming both sides support that, it encrypts the control channel making it more difficult to identify. No need to run it through yet another layer of encapsulation.
Hello TLS Crypt didn't help me.
I have the same issue , our ISPs using DPI to block VPN Traffic.
any workaround ?
finally got ovpn working again over stunnel.
stunnel is the best workaround for this issue.
stunnel package back again to new pfsense 2.4.
Would you care to share…
Screenshots would be great.
Use pfSense 2.4 and activate OpenVPN 2.4's "TLS Crypt" mode instead.
Where is this option? Is this the TLS KEY Usage Mode or is it added to Custom options?
Its right there in the VPN settings.. Drop down..
See attached pic
I've since tried that option and it doesn't help my case. Looks like STunnel is the only realistic proposition for keeping OpenVPN running.
I've got that working on a client computer, but would much prefer to share this where needed.
i have the same issue , i think Stunnel is my last hope
I'm having similar issues trying to setup stunnel to openvpn. Im using openvpn on pfsense as my server and on the receiving end client also using openvpn on pfsense. I would like to setup stunnel as client and server in their respective locations.
Can you assist?