OpenVPN Support Forum

I have a working OpenVPN setup running for my coworkers on the road. Once connected, it routes all of their traffic through the connection. The server is running on multiple ports (TCP 80, 443, 1194) in case they reach a restrictive network. By default, they connect on 443. This setup usually works just fine, but my coworkers have come across two (corporate) networks that have been able to block the connection, and prevent my users from establishing a connection to the server.

Both of those networks allow connections to HTTP and HTTPS websites without any problem, but they manage to block the OpenVPN connections to port 80 and 443. I'm assuming they have some kind of IDS or packet shaping hardware that is detecting an OpenVPN connection, and blocking it.

Does anyone know if there is a way to set up OpenVPN to make it perfectly mirror a HTTPS connection? I have a feeling that this would bypass the blocks.

tried using an http-proxy?

Do you mean connect through an HTTP proxy, and then to OpenVPN? Or do you mean the http-proxy configuration option for OpenVPN? Or something else?

If you're talking about the OpenVPN config option; It was my understanding that the option sent your HTTP traffic to a separate (specified) proxy server AFTER the OpenVPN connection has been established. Is my understanding of this option incorrect? The manual doesn't give much of a description =/

the option in openvpn connects to the openvpn server over the http-proxy
there is also an option for the server to port-share 443 with an ssl server
without knowing how you are detected and blocked i dont know what to do to bypass it, but those are ideas

I wish I knew how I was being connected and blocked too. It would make this a lot easier =). "http-proxy" sounds like what I was looking for. I'll give it a try the next time coworkers are in those buildings.

Thanks for the help, krzee!