Open VPN slowed down by the great chinese firewall

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
barsa95
OpenVpn Newbie
Posts: 4
Joined: Mon Jun 05, 2017 2:04 pm

Open VPN slowed down by the great chinese firewall

Post by barsa95 » Mon Jun 05, 2017 2:14 pm

Hi everyone, this is my first post in your board,
I'm living in China and fighting with their crazy ip filtering.

Few days ago I completed to setup my own vps server to run an Open VPN daemon, everything is working fine and my two clients, one win10 laptop and one Android phone are connecting without any problem.

The main issue is the overall speed of my connection; if i connect my clients to the net using my home router i'll get a really low speed (around 200 kbit/s), instead if i use the 4g connection i can surf a lot faster (around 7 mbit/s).

My home router is connected directly to the optic fiber line and can run up to 50 mbit/s on chinese servers.

Do you have any recommendation or protocol or ip port to use to avoid the isp down throttling?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Open VPN slowed down by the great chinese firewall

Post by TinCanTech » Mon Jun 05, 2017 5:42 pm

How about obfsproxy ..

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Open VPN slowed down by the great chinese firewall

Post by Pippin » Mon Jun 05, 2017 5:47 pm

Or stunnel.....

barsa95
OpenVpn Newbie
Posts: 4
Joined: Mon Jun 05, 2017 2:04 pm

Re: Open VPN slowed down by the great chinese firewall

Post by barsa95 » Tue Jun 06, 2017 12:00 pm

At first i will change my Open DNS addresses with something else because it seems that they're blocked here, then i will change the listening ports.
I am already using the TLS key exchange during the conection with my server so if anything will change i'm going to try to set up obfsproxy.
It's really strange because my 4g isp isn't recognizing the open vpn traffic instead of my home isp.

I'll keep you updated.

Thanks for the response!

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Open VPN slowed down by the great chinese firewall

Post by TinCanTech » Tue Jun 06, 2017 12:13 pm

Because you are in China and behind The GFW .. I am curious to see if I can actually help here.
I have a server setup and if you set one up there, perhaps we can work something out.

Email: tincanteksup <at> gmail

barsa95
OpenVpn Newbie
Posts: 4
Joined: Mon Jun 05, 2017 2:04 pm

Re: Open VPN slowed down by the great chinese firewall

Post by barsa95 » Tue Jun 06, 2017 3:33 pm

Partially solved!
The open DNSs are working correctly, so i simply changed my connection protocol from TCP to UDP and used a random port.
For now it's working.

Another issue is that my 2 clients are not Linux PCs, and it's kind of difficult to set up the obfsproxy service on Windows and Android.
And in China https is being blocked or throttled in most cases so i don't think that stunnel is a good option.

Maybe if i simply switch port randomly every week / month can work smoothly.

Thank you!

User avatar
Pippin
Forum Team
Posts: 1201
Joined: Wed Jul 01, 2015 8:03 am
Location: irc://irc.libera.chat:6697/openvpn

Re: Open VPN slowed down by the great chinese firewall

Post by Pippin » Tue Jun 06, 2017 6:01 pm

Another issue is that my 2 clients are not Linux PCs
Really? They block/throttle HTTPS/port 443 ?
I doubt they block on port 443...but could be.
You would need stunnel for Windows and SSLDroid for Android.
Maybe if i simply switch port randomly every week
It`s easy to find OpenVPN, I help you hope they take longer then a week to find it.....
When I read www then stunnel seems to do the job fairly well, but also obfs

barsa95
OpenVpn Newbie
Posts: 4
Joined: Mon Jun 05, 2017 2:04 pm

Re: Open VPN slowed down by the great chinese firewall

Post by barsa95 » Wed Jun 07, 2017 4:36 pm

Well the have already busted me .-. Like 24 hours.
I'm going to try stunnel, with ssldroid on my phone and the original client on my laptop.

Does obfs proxy route all the client traffic or i need to set it up app by app? In that case maybe stunnel is better

Post Reply