Netgate Discussion Forum

stunnel question

  • DerKlaus
    last edited by DerKlaus Dec 27, 2018, 4:50 PM Dec 27, 2018, 4:47 PM

    Hello.

    Are these the latest settings?

    WAN-IP should in most cases be your static wan ip address, but lan ip works as well.
    ----------------------------------------------
    cert = /usr/local/etc/stunnel/stunnel.pem
    chroot = /var/tmp/stunnel
    setuid = stunnel
    setgid = stunnel
    [stunnel]
    key = /usr/local/etc/stunnel/f8ea8f75.key
    cert = /usr/local/etc/stunnel/f8ea8f75.chain
    local = your-WAN-IP
    accept = your-WAN-IP:443
    connect = your-WAN-IP:1194
    TIMEOUTclose = 0
    ----------------------------------------------
    --OpenVPN server must be set for TCP and not UDP.
    

    I am also trying to configure OpenVPN Client with the STunnel package.

    1. First, I have to use OpenVPN Client TCP, right?
    2. Then under Services => STunnel these settings?
    • Description [STunnel]
    • Client Mode [YES]
    • Listen on IP [127.0.0.1]
    • Listen on Port [443]
    • Redirects to IP [amsterdam.server.com]
    • Redirects to Port [1142]
    • Outgoing Source IP [?]

    Are these settings correct?
    3. I use load balancing with 4 x amsterdam.server.com. How do I have to configure it for load balancing?

    Thanks

    Klaus

    • DerKlaus
      last edited by DerKlaus Jan 16, 2019, 5:53 PM Jan 16, 2019, 5:30 PM

      I have now configured OpenVPN Client and stunnel from AirVPN.

      browse "VPN: OpenVPN: Client"
      Protocol: TCP
      Interface: Localhost
      Server host or address: 127.0.0.1
      Server port: 995
      Advanced:
             route Server_IP 255.255.255.255 net_gateway
      

      And with this stunnel configuration:

      [Image: 0_1547658999272_stunnel-resized.png]

      I'm now trying to configure load balancing with 4 exactly identical OpenVPN clients.

      My problem: the OpenVPN clients always crash.
      I get an error message:

      /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1547574979] unbound[12781:0] error: can't bind socket: Address already in use for 127.0.0.1 port 953 [1547574979] unbound[12781:0] error: cannot open control interface 127.0.0.1 953 [1547574979] unbound[12781:0] fatal error: could not open ports'
      

      Can someone help me?

      best regards

      Klaus

      • DerKlaus
        last edited by Jan 22, 2019, 8:21 PM

        Who wrote the stunnel package?

        Why is only IP 127.0.0.1 accepted and not other IPs in the "Listen on IP" field?

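For the load-balancing question in the first post, an added example that is not part of the thread or of the pfSense package: a small linter for a stunnel.conf, assuming one stunnel client service per OpenVPN client with every service listening on 127.0.0.1. It flags two services that share an `accept` endpoint and client-mode services with neither `verifyChain` nor `verifyPeer` enabled. The sample config, its section names, hosts, ports and CA path are constructed placeholders, and the legacy `verify = N` option is not handled.

```python
# Constructed sample: placeholder section names, hosts, ports and CA path (not from the thread).
SAMPLE_CONF = """\
[vpn1]
client = yes
accept = 127.0.0.1:1411
connect = vpn1.example.net:443
verifyChain = yes
CAfile = /usr/local/etc/stunnel/ca.pem
[vpn2]
client = yes
accept = 127.0.0.1:1412
connect = vpn2.example.net:443
[vpn3]
client = yes
accept = 127.0.0.1:1412
connect = vpn3.example.net:443
"""

def parse_services(text):
    """Return {section: {option: value}}; options before any [section] go under ''."""
    services, current = {"": {}}, ""
    for line in map(str.strip, text.splitlines()):
        if not line or line[0] in ";#":          # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            services.setdefault(current, {})[key.lower()] = value  # lower-case keys for lookup
    return services

def lint(text):
    """List duplicate accept endpoints and client services that skip certificate checks."""
    services, findings, listeners = parse_services(text), [], {}
    for name, own in services.items():
        opts = {**services[""], **own}           # global options act as defaults
        if not name or "accept" not in opts:
            continue
        ep = opts["accept"]
        if ep in listeners:                       # second bind to the same address:port fails
            findings.append(f"[{name}] accept {ep} already used by [{listeners[ep]}]")
        listeners.setdefault(ep, name)
        verified = "yes" in (opts.get("verifychain", "").lower(), opts.get("verifypeer", "").lower())
        if opts.get("client", "").lower() == "yes" and not verified:
            findings.append(f"[{name}] client mode without verifyChain/verifyPeer")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE_CONF)))
```

Each OpenVPN client then points at the `accept` port of its own service; a client-mode service without certificate verification still encrypts but does not authenticate the far end.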