[Advanced Problem] Bypass restrictive network via HTTPS

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
nothsa
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 03, 2010 5:47 pm

[Advanced Problem] Bypass restrictive network via HTTPS

Post by nothsa » Fri Sep 03, 2010 6:02 pm

I have a working OpenVPN setup running for my coworkers on the road. Once connected, it routes all of their traffic through the connection. The server is running on multiple ports (TCP 80, 443, 1194) in case they reach a restrictive network. By default, they connect on 443. This setup usually works just fine, but my coworkers have come across two (corporate) networks that have been able to block the connection, and prevent my users from establishing a connection to the server.

Both of those networks allow connections to HTTP and HTTPS websites without any problem, but they manage to block the OpenVPN connections to port 80 and 443. I'm assuming they have some kind of IDS or packet shaping hardware that is detecting an OpenVPN connection, and blocking it.

Does anyone know if there is a way to set up OpenVPN to make it perfectly mirror a HTTPS connection? I have a feeling that this would bypass the blocks.
Last edited by nothsa on Fri Sep 03, 2010 6:43 pm, edited 1 time in total.

User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: [Advanced Problem] Help bypassing very restrictive netwo

Post by krzee » Fri Sep 03, 2010 6:34 pm

tried using an http-proxy?

nothsa
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 03, 2010 5:47 pm

Re: [Advanced Problem] Help bypassing very restrictive netwo

Post by nothsa » Fri Sep 03, 2010 6:42 pm

Do you mean connect through an HTTP proxy, and then to OpenVPN? Or do you mean the http-proxy configuration option for OpenVPN? Or something else?

If you're talking about the OpenVPN config option; It was my understanding that the option sent your HTTP traffic to a separate (specified) proxy server AFTER the OpenVPN connection has been established. Is my understanding of this option incorrect? The manual doesn't give much of a description =/

User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: [Advanced Problem] Bypass restrictive network via HTTPS

Post by krzee » Mon Sep 06, 2010 2:33 pm

the option in openvpn connects to the openvpn server over the http-proxy
there is also an option for the server to port-share 443 with an ssl server
without knowing how you are detected and blocked i dont know what to do to bypass it, but those are ideas

nothsa
OpenVpn Newbie
Posts: 3
Joined: Fri Sep 03, 2010 5:47 pm

Re: [Advanced Problem] Bypass restrictive network via HTTPS

Post by nothsa » Tue Sep 07, 2010 1:27 am

I wish I knew how I was being connected and blocked too. It would make this a lot easier =). "http-proxy" sounds like what I was looking for. I'll give it a try the next time coworkers are in those buildings.

Thanks for the help, krzee!

Post Reply