[stunnel-users] behaviour when using 127.0.0.1 in the 'connect' field
Peter Pentchev
roam at ringlet.net
Tue Mar 10 10:47:03 CET 2020
On Tue, Mar 10, 2020 at 01:25:33PM +0800, Kelly Trinh wrote:
[formatting fixed a bit]
> Hi all - just want to report a problem I solved recently but wanted to
> get some insights on what was causing the problem.
>
> About me - learnt some unix at university (20 years ago) but nothing too
> serious. Recently (1 month ago) acquired own domain name and now poking
> around the cloud computing / VPS thing.
>
> Project - hand-rolling my own VPN setup on a Ubuntu 18.04 VPS. OpenVPN
> is easy since it is a git-clone thing and then just follow the
> openvpn-install script. I wanted to add on the Stunnel wrapper because
> intended to use the VPN in China and apparently their firewall does deep
> packet inspection and can recognize (and block) openvpn traffic.
>
> Problem - when I set up my stunnel using 127.0.0.1 as the connect
> destination; it doesn't seem to work (I can see from openvpn window that
> things seem to pipe through stunnel but then immediately the connection
> is terminated). If I replace the 127.0.0.1 with IP of the box I am
> using (say for example 1.2.3.4); everything works! The FQDN is ok as
> well; as long as I don't use 127.0.0.1
>
> Specifically the stunnel.conf:
>
> [OpenVPN]
> Accept = 443 # clients connect through 443 to further avoid potential blocking
> Connect = 127.0.0.1:1194 #<- this line won't work; but if I replace with 1.2.3.4:1194 then it will work!
>
> Question - My problem is fixed but I am curious if there is any insights
> on why this is happening given that 1.2.3.4 and 127.0.0.1 are the same
> machine?
Hi,
Could you post:
- your full stunnel config, not just this snippet
- the logfile of stunnel when you have it configured to connect to
127.0.0.1 and you attempt a connection
- the output of `lsof -P -n -i tcp:443,1194` as root just after
the connection fails (you may need to `apt install lsof` beforehand)
Thanks in advance!
G'luck,
Peter
--
Peter Pentchev roam@{ringlet.net,debian.org,FreeBSD.org} pp at storpool.com
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200310/8bed6286/attachment.sig>
More information about the stunnel-users
mailing list