Site to Site with stunnel package



  • hello everybody,

    i want to connect two companies with a normal openvpn site to site connection.
    One Company is located at a small town in china, so here is the problem.
    The openvpn traffic will be blocked by the chinese firewall because of deep packet inspection.
    So i setup a site to site connection using a ssl wrapper like stunnel. pfsense has a package for this usage.
    My problem is, that the established openvpn connection broke after a few seconds or minutes.
    I have configured one site as server and one site as client.
    Is it possible in general to get such a setup to work stable? Or is the package stunnel not usable for site to site connections?
    Maybe one of you guys have the same setup or more experiences  :-
    Thanks in advance for your input!
    Niklas



  • Finally it works now, the tunnel is up and seems to be stable!
    The solution is not so clear, i reset all the settings and start from scratch.

    But i have one more issue, maybe you have an idea.
    I can not ping from Site A to Site B, but the ping works from site B to A.
    I have configured the routes between the two sites via openvpn server config page.
    The routes are in the routing table on both sites.

    I have ping the opvpn interfaces directly from the two pfsense appliances. Same procedure, Site A can not ping Site B but the other way works.
    So Site A has the openvpn ip 192.168.1.1 and Site B has the ip 192.168.1.2.
    Does anyone have some tips?



  • @streetsfinest:

    Finally it works now, the tunnel is up and seems to be stable!
    The solution is not so clear, i reset all the settings and start from scratch.

    But i have one more issue, maybe you have an idea.
    I can not ping from Site A to Site B, but the ping works from site B to A.
    I have configured the routes between the two sites via openvpn server config page.
    The routes are in the routing table on both sites.

    I have ping the opvpn interfaces directly from the two pfsense appliances. Same procedure, Site A can not ping Site B but the other way works.
    So Site A has the openvpn ip 192.168.1.1 and Site B has the ip 192.168.1.2.
    Does anyone have some tips?

    Dear Sir

    i have the same issue can you please support us with your configuration

    my solution with the attachment .
    my Site A have
    Wan addr 192.168.1.12
    Lan addr  192.168.10.1

    Site B have

    Wan addr 192.168.1.13
    Lan addr  192.168.12.1

    i didnt know how to setup the Stunnel

    i appreciate  you help






  • & if you please can you tell me if i want to connect to my PFsense VPN server thorugh remote vpn from country such egypt , like china the run DPI to block OpenVPn , how can i use stunnels from pfsense or should i use stunnel App from https://www.stunnel.org/downloads.html

    if so can you tell me steps plz

    many thanks

    i appreciate your help



  • If you please can tell me where is my mistake  :) :) :) :)
    i used private ips for example only , in production i use public ips on both sites




  • i have the same issue , can any one here help please



  • Any updates please


Log in to reply