stunnel question



  • Hello.

    Are these the latest settings?

    WAN-IP should in most cases be your static wan ip address, but lan ip works as well.
    –---------------------------------------------
    cert = /usr/local/etc/stunnel/stunnel.pem
    chroot = /var/tmp/stunnel
    setuid = stunnel
    setgid = stunnel
    [stunnel]
    key = /usr/local/etc/stunnel/f8ea8f75.key
    cert = /usr/local/etc/stunnel/f8ea8f75.chain
    local = your-WAN-IP
    accept = your-WAN-IP:443
    connect = your-WAN-IP:1194
    TIMEOUTclose = 0
    –----------------------------------------------------
    --OpenVPN server must be be set for TCP and not UDP.
    

    I also try to configure OpenVPN Client with STunnel Package.

    1. First, I have to use OpenVPN Client TCP, right?
    2. Then under Services => STunnel these settings?
    • Description [STunnel]
    • Client Mode [YES]
    • Listen on IP [127.0.0.1]
    • Listen on Port [443]
    • Redirects to IP [amsterdam.server.com]
    • Redirects to Port [1142]
    • Outgoing Source IP [?]

    Are these settings correct?

    1. I use load balancing with 4 x amsterdam.server.com. How do I have to configure it for load balancing?

    Thanks

    Klaus



  • I have now configured OpenVPN Client and stunnel from AirVPN.

    browse "VPN: OpenVPN: Client"
    Protocol: TCP
    Interface: Localhost
    Server host or address: 127.0.0.1
    Server port: 995
    Advanced:
           route Server_IP 255.255.255.255 net_gateway
    

    And with this stunnel configuration:

    0_1547658999272_stunnel-resized.png

    I'm trying to configure load balancing now with exactly 4 same openvpn clients.

    My problem: the openvpn clients allways crash.
    I get an error Message:

    /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1547574979] unbound[12781:0] error: can't bind socket: Address already in use for 127.0.0.1 port 953 [1547574979] unbound[12781:0] error: cannot open control interface 127.0.0.1 953 [1547574979] unbound[12781:0] fatal error: could not open ports'
    

    Can someone help me?

    best regards

    Klaus



  • Who wrote the stunnel package?

    Why is only ip 127.0.0.1 accepted and not other IPs in "Listen on IP" field?