[stunnel-users] Random Client Ports

Koenraad Lelong stunnel at ace-electronics.be
Wed Sep 2 09:15:20 CEST 2009

Matt Keoppel schreef:
> We are currently trying to add Stunnel to our application.  Each time one of our clients try to connect to the server it seems to make its call from a random port.  We  have set up the server config file to be:
> [OurApp]
> accept = 15366
> connect = 15365
> The config file on our client is set up as:
> client = yes
> [OurApp]
> accept = 1308
> connect = [serverIp]:15366
> The problem that we are having is that the source port on our client changes every time we try to send data from our client to our server.  So one time we send data the port will be 1308 and the next time will be 1309.  We also tried to set up multiple configurations that were configure to accept on many ports and all connecting to [serverIP]:15366.  Is there any way to get Stunnel working with our dynamic client port?
> Thanks,
> MK
Hi Matt,
When an client-application connects to a server (without stunnel), it 
chooses a random free port as source to a well-defined port as 
destination, depending on the server-application : port 25 for SMTP, 143 
for IMAP, etc. The server's application takes care of the rest.
Now you want stunnel to secure the connection. You configure stunnel on 
the client to listen (accept) on that well-defined port of your 
server-application and to connect to a port of your choice on the 
server. On the server-side you configure stunnel to listen to that 
chosen port, and connect to the well-defined port on the server.
Your client-application has to be configured to connect to "localhost" 
( So to your client-application it's like the server runs on 
the client.

That's it. I hope this helps your understanding of stunnel.

Koenraad Lelong.

More information about the stunnel-users mailing list