OPNsense Forum
English Forums => General Discussion => Topic started by: deodion on August 16, 2017, 10:38:52 am
-
Is there anyway to get around ISP VPN blocking?
I read here: https://www.bestvpn.com/privacy-news/how-to-bypass-vpn-blocks
I'm suspecting my ISP is using Deep Packet Inspection (DPI) technology to control VPN traffic,
Perhaps actually OPNsense is built-in with stunnel or SSH tunneling?
Thank you,
-
Mostly SSL VPN (OpenVPN) through 443. Or is that already specifically blocked? There is the XOR patch which we have as well to prevent this detection in site-to-site deployments where you control both sites:
https://tunnelblick.net/cOpenvpn_xorpatch.html
You can also tunnel quite a bit through SSH, which is preinstalled.
We don't have stunnel as a package right now, but you could install that manually as well.
Cheers,
Franco
-
Mostly SSL VPN (OpenVPN) through 443. Or is that already specifically blocked?
You can also tunnel quite a bit through SSH, which is preinstalled.
Cheers,
Franco
I will try to change it to 443 tonight,
And could you help point out how to use SSH tunneling in OPNsense and the client, please?
may be like just follow this link?: https://www.howtogeek.com/168145/how-to-use-ssh-tunneling
-
Sure, if you want to connect to the GUI of a remote OPNsense that you only configured via SSH access from WAN:
# ssh -L 443:localhost:8443 10.0.0.1
In the browser, just open https://localhost:8443 to see the remote GUI.
Cheers,
Franco
-
or use -D port (socks proxy of the ssh command)