zsam288 36 Posted ... Hi all, Torvpn is able to make stealth profiles for android that work in China. Any possibility to have this for Airvpn? See examples below for both TCP and UDP for one of their servers in the Netherlands client dev tun proto tcp nobind remote-random remote 89.248.172.172 443 ca ca.crt auth-user-pass remote-cert-tls server cipher AES-256-CBC resolv-retry 5 tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 route-delay 5 30 ping-restart 0 persist-key persist-tun comp-lzo mute-replay-warnings client dev tun proto udp nobind remote-random remote 89.248.172.172 53 ca ca.crt auth-user-pass remote-cert-tls server cipher AES-256-CBC resolv-retry 5 tun-mtu 1500 tun-mtu-extra 32 mssfix 1450 route-delay 5 30 ping-restart 0 persist-key persist-tun comp-lzo mute-replay-warnings fast-io Quote Share this post Link to post
Staff 9972 Posted ... Hello! The problem in those configuration files is that the OpenVPN "fingerprint" is always visible in the headers, so the connection can be disrupted. We solved the problem by encrypting the OpenVPN header, tunneling OpenVPN in SSL or SSH (OpenVPN over SSL/SSH, a tunnel inside a tunnel). This solution works in China and Iran, the two countries in which OpenVPN connections are actively disrupted, but as far as we know (we will investigate further anyway) it can't be implemented on Android or iOS because openvpn-connect client does not support connections of OpenVPN over SSH or SSL. Kind regards Quote Share this post Link to post
zsam288 36 Posted ... Hi, Thanks for your response. I was in China recently and sometimes the AirVPN profiles worked (resolved IP configs)But sometimes they didn't and the 'stealth' config from Torguard did work. Quote Share this post Link to post
zsam288 36 Posted ... What do you think of this patch that was made that adds a possibility to scramble vpn traffic? https://forums.openvpn.net/topic12605.html Quote Share this post Link to post
Staff 9972 Posted ... What do you think of this patch that was made that adds a possibility to scramble vpn traffic? https://forums.openvpn.net/topic12605.html Hello, it is not simple to implement it in our service, there are serious issues. Anyway our reports from China are very good, there is no need at the moment to add anything else, especially something so problematic like the proposed patch. Kind regards Quote Share this post Link to post