<p dir="ltr">I've done some more digging on this. The problem was initially that I needed to add a route for stunnel itelf to get to the stunnel server. With that gateway directive, traffic as getting to the VPN route first, so the stunnel client was losing it's connection. I'm not real sure what the solution is here. It would be nice to have openvpn tell it to exclude routes I guess, but that seems clunky</p>
<div class="gmail_quote">On Jul 23, 2014 2:09 PM, "Derek Cole" <<a href="mailto:derek.cole@gmail.com">derek.cole@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hrmm, I tried this, and it didn't immediately solve my problem. I think there is actually a problem here with the openvpn configuration. I have it set to "push redirect-gateway def1" and when that is the case, the openvpn client makes the initial connection (it says), but I can't even ping the openvpn server. When I take out the push redirect-gateway config option, I end up with a connection, and I can ping the openvpn servers tun address, but I don't have any rules to force all traffic over the vpn connection that way. <br>
<br>Any ideas?<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, Jul 23, 2014 at 12:09 AM, Ahin Shaw <span dir="ltr"><<a href="mailto:ahin.shaw@indiabulls.com" target="_blank">ahin.shaw@indiabulls.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div link="blue" vlink="purple" lang="EN-US"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi Derek,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Use the Server IP instead of loopback address. I am sure this will work.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal">accept = <a href="http://127.0.0.1:5150" target="_blank">127.0.0.1:5150</a><u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><u></u> <u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Many Thanks!<u></u><u></u></span></p>
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> stunnel-users [mailto:<a href="mailto:stunnel-users-bounces@stunnel.org" target="_blank">stunnel-users-bounces@stunnel.org</a>] <b>On Behalf Of </b>Derek Cole<br>
<b>Sent:</b> Wednesday, July 23, 2014 4:19 AM<br><b>To:</b> <a href="mailto:stunnel-users@stunnel.org" target="_blank">stunnel-users@stunnel.org</a><br><b>Subject:</b> [stunnel-users] OpenVPN over stunnel<u></u><u></u></span></p>
<div><div><p class="MsoNormal"><u></u> <u></u></p><div><div><div><div><div><p class="MsoNormal">Hello,<u></u><u></u></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">I am doing something similar to what is happening in this scenario:<br>
<br><a href="http://kyl191.net/2012/12/tunneling-openvpn-through-stunnel/" target="_blank">http://kyl191.net/2012/12/tunneling-openvpn-through-stunnel/</a><u></u><u></u></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">
That is, I have set my openvpn client configuration to be "remote localhost port" where port is the port my stunnel client is listening on the same box as my openvpn client.<br><br>This seems to work - I get connected to OpenVPN server fine, however, I don't seem to be able to ping the openvpn server by either of it's public or private ip addresses. In fact, it seems like when I do a tcpdump on the stunnel server, I don't see any incoming traffic on port 443. How is it possible that I am getting the VPN connection, but then the rest of the traffic just sort of stops going through stunnel?<br>
<br>My stunnel client service looks like the following:<br><br>[openvpn]<br>accept = <a href="http://127.0.0.1:5150" target="_blank">127.0.0.1:5150</a><br>connect = stunnelserver:443<u></u><u></u></p></div><p class="MsoNormal" style="margin-bottom:12.0pt">
and my stunnel server looks like:<br><br>[ovpnout]<br>cert = mycert.pem<br>accept = 443<br>connect = openvpn server<u></u><u></u></p></div><p class="MsoNormal">Any ideas?<u></u><u></u></p></div></div></div></div><p><font>Disclaimer : <br>
This email communication may contain privileged and confidential information and is intended for the use of the addressee only.If you are not an intended recipient you are requested not to reproduce, copy disseminate or in any manner distribute this email communication as the same is strictly prohibited. If you have received this email in error, please notify the sender immediately by return e-mail and delete the communication sent in error. Email communications cannot be guaranteed to be secure & error free and IB Technology is not liable for any errors in the email communication or for the proper, timely and complete transmission thereof.</font></p>
</div></blockquote></div><br></div>
</blockquote></div>