[stunnel-users] OpenVPN over stunnel

Derek Cole derek.cole at gmail.com
Wed Jul 23 20:09:24 CEST 2014


Hrmm, I tried this, and it didn't immediately solve my problem. I think
there is actually a problem here with the openvpn configuration. I have it
set to "push redirect-gateway def1" and when that is the case, the openvpn
client makes the initial connection (it says), but I can't even ping the
openvpn server. When I take out the push redirect-gateway config option, I
end up with a connection, and I can ping the openvpn servers tun address,
but I don't have any rules to force all traffic over the vpn connection
that way.

Any ideas?


On Wed, Jul 23, 2014 at 12:09 AM, Ahin Shaw <ahin.shaw at indiabulls.com>
wrote:

> Hi Derek,
>
>
>
> Use the Server IP instead of loopback address. I am sure this will work.
>
>
>
> accept = 127.0.0.1:5150
>
>
>
>
>
> Many Thanks!
>
> *From:* stunnel-users [mailto:stunnel-users-bounces at stunnel.org] *On
> Behalf Of *Derek Cole
> *Sent:* Wednesday, July 23, 2014 4:19 AM
> *To:* stunnel-users at stunnel.org
> *Subject:* [stunnel-users] OpenVPN over stunnel
>
>
>
> Hello,
>
> I am doing something similar to what is happening in this scenario:
>
> http://kyl191.net/2012/12/tunneling-openvpn-through-stunnel/
>
> That is, I have set my openvpn client configuration to be "remote
> localhost port" where port is the port my stunnel client is listening on
> the same box as my openvpn client.
>
> This seems to work - I get connected to OpenVPN server fine, however, I
> don't seem to be able to ping the openvpn server by either of it's public
> or private ip addresses. In fact, it seems like when I do a tcpdump on the
> stunnel server, I don't see any incoming traffic on port 443. How is it
> possible that I am getting the VPN connection, but then the rest of the
> traffic just sort of stops going through stunnel?
>
> My stunnel client service looks like the following:
>
> [openvpn]
> accept = 127.0.0.1:5150
> connect = stunnelserver:443
>
> and my stunnel server looks like:
>
> [ovpnout]
> cert = mycert.pem
> accept  = 443
> connect = openvpn server
>
> Any ideas?
>
> Disclaimer :
> This email communication may contain privileged and confidential
> information and is intended for the use of the addressee only.If you are
> not an intended recipient you are requested not to reproduce, copy
> disseminate or in any manner distribute this email communication as the
> same is strictly prohibited. If you have received this email in error,
> please notify the sender immediately by return e-mail and delete the
> communication sent in error. Email communications cannot be guaranteed to
> be secure & error free and IB Technology is not liable for any errors in
> the email communication or for the proper, timely and complete transmission
> thereof.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20140723/6a8a06d5/attachment.html>


More information about the stunnel-users mailing list