VPN in Cuba

[oshun123 0]

Hi,

I was working in January and February remote from Cuba for my client in Italy, I will go back in one week and stay another 3 month. During my time in Cuba, i tried many different VPN solutions; What i found out is that Wireguard works always, while pure OpenVPN seems to be blocked. That's why i joined AirVPN as i would like to know if SSL over OpenVPN or SSH over OpenVPN work over there. I will let you know as soon as I am there.

I have tried several VPN solutions, the most disappoining was NordVPN. Their promise to bypass censorship is wrong. What worked was ExpressVPN, Proton VPN and Proxy solutions such as Outline, Vless, VMess, Brook, Hysteria, Psiphon, Lantern. 

Still, Wireguard is easy to detect and can be easily blocked. So i need a backup solution, hopefully not a Proxy one as it is difficult to tunnel all traffic on a WIndows System (i use Proxifier for this, but i am not sure if really all traffic gets tunneled).

I hope AirVPN with OpenVPN over SSH/SSL is another option/backup solution for me. Let's see...

Does somebody know what happens with UDP packets (for example if doing Teams calls)?  How will they be forwared when using OpenVPN in TCP mode? Will the packets simply bypass the VPN and be routed directly?

Edited ... by oshun123

[OpenSourcerer 1360]

11 minutes ago, oshun123 said:

Does somebody know what happens with UDP packets (for example if doing Teams calls)?  How will they be forwared when using OpenVPN in TCP mode? Will the packets simply bypass the VPN and be routed directly?

The protocol inside the tunnel has nothing to do with the protocol of the tunnel. Whatever is in the tunnel will simply be a part of the tunnel packet's payload. If the tunnel is UDP and the traffic inside the tunnel is UDP (such is the case with MS Teams), you'll effectvely have two UDP headers in succession, the latter one encrypted, though (because it's the payload of OpenVPN). When outer is UDP but inner is TCP, the rules don't change: You'd effectively have the TCP header and payload of the application engulfed by the UDP header and payload of the OpenVPN packet (encrypted by OpenVPN, or rather the xSSL library used by OpenVPN, to be exact)

Now, OpenVPN over SSL or SSH don't change this at all except add yet another layer to that: The application header/payload (the application data, such as a frame or audio sample in MS Teams), engulfed by the OpenVPN header/payload (the encrypted packet of the application), engulfed by the SSH or SSL protocol header/payload (the OpenVPN packet, encrypted by probably the same SSL library; it's mostly OpenSSL these days, anyway).

So, no, a "bypass" is not happening. All traffic is routed through the VPN.