[stunnel-users] OpenVPN over stunnel

Derek Cole derek.cole at gmail.com
Thu Jul 24 14:41:09 CEST 2014


I've done some more digging on this. The problem was initially that I
needed to add a route for stunnel itself to get to the stunnel server. With
that gateway directive, traffic was getting to the VPN route first, so the
stunnel client was losing its connection. I'm not real sure what the
solution is here. It would be nice to have openvpn tell it to exclude
routes I guess, but that seems clunky.

On Jul 23, 2014 2:09 PM, "Derek Cole" <derek.cole at gmail.com> wrote:

> Hrmm, I tried this, and it didn't immediately solve my problem. I think
> there is actually a problem here with the openvpn configuration. I have it
> set to "push redirect-gateway def1" and when that is the case, the openvpn
> client makes the initial connection (it says), but I can't even ping the
> openvpn server. When I take out the push redirect-gateway config option, I
> end up with a connection, and I can ping the openvpn server's tun address,
> but I don't have any rules to force all traffic over the vpn connection
> that way.
>
> Any ideas?
>
>
> On Wed, Jul 23, 2014 at 12:09 AM, Ahin Shaw <ahin.shaw at indiabulls.com>
> wrote:
>
>> Hi Derek,
>>
>> Use the Server IP instead of loopback address. I am sure this will work.
>>
>> accept = 127.0.0.1:5150
>>
>> Many Thanks!
>>
>> *From:* stunnel-users [mailto:stunnel-users-bounces at stunnel.org] *On
>> Behalf Of *Derek Cole
>> *Sent:* Wednesday, July 23, 2014 4:19 AM
>> *To:* stunnel-users at stunnel.org
>> *Subject:* [stunnel-users] OpenVPN over stunnel
>>
>> Hello,
>>
>> I am doing something similar to what is happening in this scenario:
>>
>> http://kyl191.net/2012/12/tunneling-openvpn-through-stunnel/
>>
>> That is, I have set my openvpn client configuration to be "remote
>> localhost port" where port is the port my stunnel client is listening on
>> the same box as my openvpn client.
>>
>> This seems to work - I get connected to OpenVPN server fine, however, I
>> don't seem to be able to ping the openvpn server by either of its public
>> or private ip addresses. In fact, it seems like when I do a tcpdump on the
>> stunnel server, I don't see any incoming traffic on port 443. How is it
>> possible that I am getting the VPN connection, but then the rest of the
>> traffic just sort of stops going through stunnel?
>>
>> My stunnel client service looks like the following:
>>
>> [openvpn]
>> accept = 127.0.0.1:5150
>> connect = stunnelserver:443
>>
>> and my stunnel server looks like:
>>
>> [ovpnout]
>> cert = mycert.pem
>> accept  = 443
>> connect = openvpn server
>>
>> Any ideas?
>>
>
>
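
The routing behaviour described in the 24 July message, modelled as an added example that is not part of the original thread: `redirect-gateway def1` installs the two /1 routes `0.0.0.0/1` and `128.0.0.0/1`, so a longest-prefix lookup for the stunnel server's address starts resolving to the tun device, and a /32 host route via the original gateway restores the path. All addresses, gateways and interface names are constructed assumptions; the `route ... net_gateway` line in the comment is the OpenVPN client directive for adding such a host route.

```python
import ipaddress

# All addresses and interface names below are constructed for illustration.
STUNNEL_SERVER = "203.0.113.10"   # assumed public address behind "stunnelserver:443"
LAN_GW = ("192.168.1.1", "eth0")  # assumed pre-VPN default gateway
VPN_GW = ("10.8.0.1", "tun0")     # assumed gateway on the OpenVPN tun network

# Client routing table before the VPN comes up.
BASE = [("0.0.0.0/0", LAN_GW), ("192.168.1.0/24", (None, "eth0"))]
# Routes added by "redirect-gateway def1": two /1 prefixes that outrank the
# /0 default without deleting it. OpenVPN's own bypass route covers only its
# --remote address, which in this setup is 127.0.0.1, not the stunnel server.
DEF1 = [("0.0.0.0/1", VPN_GW), ("128.0.0.0/1", VPN_GW),
        ("10.8.0.0/24", (None, "tun0"))]
# Host route that keeps stunnel's TLS connection outside the VPN. In an
# OpenVPN client config: route 203.0.113.10 255.255.255.255 net_gateway
BYPASS = [(STUNNEL_SERVER + "/32", LAN_GW)]


def lookup(routes, dst):
    """Longest-prefix match: return (matching prefix, outgoing device)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    if best is None:
        raise LookupError(f"no route to {dst}")
    return str(best[0]), best[1][1]


def carrier_is_looped(routes):
    """True when stunnel's packets to its server would enter the tunnel they carry."""
    return lookup(routes, STUNNEL_SERVER)[1] == "tun0"


if __name__ == "__main__":
    tables = [("before VPN", BASE),
              ("def1 pushed", BASE + DEF1),
              ("def1 + host route", BASE + DEF1 + BYPASS)]
    for name, table in tables:
        prefix, dev = lookup(table, STUNNEL_SERVER)
        print(f"{name:18} {STUNNEL_SERVER} -> {prefix} dev {dev} "
              f"looped={carrier_is_looped(table)}")
```

On a real client, `ip route get <stunnel server address>` shows which of these three states the kernel is in.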