Jump to content
Not connected, Your IP: 18.118.208.127
oO0XX0Oo

SSL connection without stunnel (Windows)?

Recommended Posts

Hi,

I downloaded the files from the web generator, e.g.:

AirVPN_BG-Sofia_Fornax_SSL-443.ovpn
AirVPN_BG-Sofia_Fornax_SSL-443.ssl
 

and the necessary *.crt and *key files as well

 

Is it normal that using the .ovpn file from OpenVPN (not eddie!)

establishes a vpn connection WITHOUT starting

stunnel with the .ssl file beforehand?

 

 

Share this post


Link to post
Tue Jun 27 23:06:35 2017 OpenVPN 2.4.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 11 2017
Tue Jun 27 23:06:35 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Jun 27 23:06:35 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.10
Enter Management Password:
Tue Jun 27 23:06:35 2017 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Tue Jun 27 23:06:35 2017 Need hold release from management interface, waiting...
Tue Jun 27 23:06:35 2017 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341
Tue Jun 27 23:06:35 2017 MANAGEMENT: CMD 'state on'
Tue Jun 27 23:06:35 2017 MANAGEMENT: CMD 'log all on'
Tue Jun 27 23:06:35 2017 MANAGEMENT: CMD 'echo all on'
Tue Jun 27 23:06:35 2017 MANAGEMENT: CMD 'hold off'
Tue Jun 27 23:06:35 2017 MANAGEMENT: CMD 'hold release'
Tue Jun 27 23:06:36 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 27 23:06:36 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Jun 27 23:06:36 2017 TCP/UDP: Preserving recently used remote address: [AF_INET]93.123.73.115:53
Tue Jun 27 23:06:36 2017 Socket Buffers: R=[65536->262144] S=[65536->262144]
Tue Jun 27 23:06:36 2017 UDP link local: (not bound)
Tue Jun 27 23:06:36 2017 UDP link remote: [AF_INET]93.123.73.115:53
Tue Jun 27 23:06:36 2017 MANAGEMENT: >STATE:1498597596,WAIT,,,,,,
Tue Jun 27 23:06:36 2017 MANAGEMENT: >STATE:1498597596,AUTH,,,,,,
...

 

This is the log after choosing the .ovpn entry in OpenVPN. I've rebooted the pc and didn't start stunnel at all...

So why does it connect if stunnel isn't running?

 

This is the content of that .ovpn file:

# --------------------------------------------------------
# Air VPN | https://airvpn.org | Sunday 25th of June 2017 08:54:47 PM
# OpenVPN Client Configuration
# AirVPN_BG-Sofia_Fornax_SSL-443
# --------------------------------------------------------

client
dev tun
proto tcp
remote 127.0.0.1 1413
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
verb 3
rcvbuf 262144
sndbuf 262144
route 93.123.73.115 255.255.255.255 net_gateway
ca "ca.crt"
cert "user.crt"
key "user.key"
tls-auth "ta.key" 1



 

I have different vpn providers atm. I see no immediate reason to switch to a different client

as long as I don't know if I'll keep AirVPN (I'm only on a 3 day membership atm)

Share this post


Link to post

If your connection was established using that config (remote 127.0.0.1 1413), it means the SSL tunnel was working.

Make sure to check your running processes again, you can also check the IP that was assigned to you by the tunnel,

should be from 10.50.*.*.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

If your connection was established using that config (remote 127.0.0.1 1413), it means the SSL tunnel was working.

Make sure to check your running processes again, you can also check the IP that was assigned to you by the tunnel,

should be from 10.50.*.*.

 

 

Did you notice the log posted is not from the SSL 443 config but an attempt to connect to UDP 53?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...