I stand corrected
15 10 2008

I always thought with my OpenVPN server running on port 443 I can bypass any proxy or firewall allowing me to connect to HTTPS sites. Well, it seems like at this place there is some transparent proxy in place which actually inspects the TLS/SSL handshake and OpenVPN doesn’t exactly behave like HTTPS. Jabber works though, so it seems like I’ve got to find a way to encapsulate the VPN in a real TLS stream or something. Anybody got an idea?
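What an inspecting proxy can tell apart on port 443, as an added example that is not part of the original post: a classifier for the first client bytes of a TCP connection. The opcode values follow OpenVPN's published wire protocol; the function names and sample byte strings are constructed for illustration.

```python
import struct

TLS_HANDSHAKE = 0x16      # TLS record ContentType "handshake"
TLS_CLIENT_HELLO = 0x01   # HandshakeType "client_hello"
# OpenVPN opcodes a client uses to open a session (high 5 bits of first byte).
OVPN_CLIENT_RESETS = {1: "hard_reset_client_v1", 7: "hard_reset_client_v2",
                      10: "hard_reset_client_v3"}

def classify_first_bytes(data: bytes) -> str:
    """Classify the first client-to-server bytes seen on a TCP connection."""
    if len(data) < 6:
        return "too-short"
    # TLS record header: type(1) version(2) length(2), then the handshake type.
    ctype, major, minor, rec_len = struct.unpack("!BBBH", data[:5])
    if (ctype == TLS_HANDSHAKE and major == 3 and minor <= 4
            and 0 < rec_len <= 2**14 and data[5] == TLS_CLIENT_HELLO):
        return "tls-client-hello"
    # OpenVPN over TCP: 16-bit length prefix, then (opcode << 3) | key_id.
    (pkt_len,) = struct.unpack("!H", data[:2])
    opcode, key_id = data[2] >> 3, data[2] & 0x07
    if opcode in OVPN_CLIENT_RESETS and key_id == 0 and 14 <= pkt_len <= 1500:
        return "openvpn-" + OVPN_CLIENT_RESETS[opcode]
    return "unknown"

def allowed_on_443(data: bytes) -> bool:
    """Policy of a handshake-inspecting proxy: only real TLS may pass."""
    return classify_first_bytes(data) == "tls-client-hello"

# Constructed samples (not captured traffic).
TLS_SAMPLE = bytes.fromhex("160301002f0100002b0303")       # ClientHello prefix
OVPN_SAMPLE = bytes.fromhex("000e38" "1122334455667788"    # len, opcode, session id
                            "00" "00000000")               # ack count, packet id
SSH_SAMPLE = b"SSH-2.0-OpenSSH_5.1\r\n"

if __name__ == "__main__":
    for name, blob in [("tls", TLS_SAMPLE), ("openvpn", OVPN_SAMPLE),
                       ("ssh", SSH_SAMPLE)]:
        print(name, classify_first_bytes(blob), allowed_on_443(blob))
```

The OpenVPN control channel does run TLS, but wrapped inside its own packet framing, so the stream never starts with a TLS record header.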






Why not start an openssl s_server on your server side and an openssl s_client on your client and pipe the complete datastream through that?
Ajaxterm may be an alternative for you?
Nope, I need/want access to my Mail-Server (IMAP plus SMTP) and NNTP and IRC access. Not to forget SSH access to various servers. A VPN link/tunnel has the advantage that I don’t have to tunnel each service for any server I use.
It was just a kludge offer.
Cipe (http://sites.inka.de/~bigred/devel/cipe.html) works completely on UDP, which some firewall-admins don’t bother about.
Is there a way to get into that openvpn-data-exchange? Maybe an LD_PRELOAD library or a patch in the kernel module? So you may very well use openssl as replacement for the link connection.
Have you tried CorkScrew (http://www.agroman.net/corkscrew/)?
@Sven: Sorry for the late reply.
The problem is also that the client runs Windows, so tunneling stuff is not so easy, and one thing I’m most glad about in OpenVPN is the client which sets up the routes etc. Else I might try tinc instead.
OpenVPN also used UDP by default; I just switched it to TCP on port 443 because with that I was able to bypass any proxy etc. till now. But this net is so shut down that not even UDP port 53 is available.
I guess it should be possible to hack OpenVPN so that it uses a proper TLS handshake. But I don’t really have the time to do that currently.
@Anon: I doubt that CorkScrew will be able to bypass that proxy as well, but I might have a try.