Menu
▾
▴
Re: [Openvpn-users] Question about tls-crypt and port 443 firewall ducking
|
From: Sebastian R. <asd...@gm...> - 2016-12-20 16:51:10
|
Hello > Sent: Tuesday, December 20, 2016 at 4:50 PM > From: "Jan Just Keijser" <ja...@ni...> > To: "Kevin Long" <kev...@ha...>, ope...@li... > Subject: Re: [Openvpn-users] Question about tls-crypt and port 443 firewall ducking > > > the new tls-crypt feature adds some extra hiding of OpenVPN traffic from > someone snooping the network. It does *NOT*, however, result in OpenVPN > traffic looking the same as regular TLS/HTTPS traffic. If you scan an > OpenVPN network connection using tcpdump/wireshark then you can see that > it's different from a regular HTTPS connection start. Advanced firewalls > can detect this difference and can/will block OpenVPN traffic based on > it. Currently, there's little that can be done about this. > A VPN provider has come up with a solution. It works like this: First, you connect to a VPN server using a free open-source software called stunnel. Next, you launch the corresponding ovpn config file. The provider claims the above method is able to bypass the Great Firewall of China. Regards. Sebastian |
