Hello,
I am unable to connect to my OpenVPN server because TLS handshake is blocked in my country in order to prevent people from using VPN.
Is there any solution? Changing TLS version? Disabling TLS?
Please assist.
Regards
Omid
Softether: TLS handshake is blocked
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Jan 04, 2018 9:59 am
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: TLS handshake is blocked
OpenVPN now has --tls-crypt which may defeat your adversary for a while ..
but most likely They will block that once They find it.
Try it and let us know.
but most likely They will block that once They find it.
Try it and let us know.
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Jan 04, 2018 9:59 am
Re: TLS handshake is blocked
Hello,
Would you please explain how to add this key to the config file?
I am using OpenVPN GUI 2.4.4-1601 on Windows 10.
Thank you very much.
Would you please explain how to add this key to the config file?
I am using OpenVPN GUI 2.4.4-1601 on Windows 10.
Thank you very much.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: TLS handshake is blocked
See --tls-crypt in The Manual v24x
-
- OpenVpn Newbie
- Posts: 8
- Joined: Thu Jan 04, 2018 9:59 am
Re: TLS handshake is blocked
My understanding is, I have to generate a key file and store it on both server and client (correct me if I am wrong).
I'm afraid this doesn't work for me. My OpenVPN server is not the real server. It is SoftEther server which has built-in OpenVPN clone functionality.
I do have a SOCSK5 proxy server that works without any issue. If somehow I can manage to route OpenVPN traffic through that, then I can get past TLS handshake. Is this possible? Please note that the proxy server requires user/pass authentication.
I'm afraid this doesn't work for me. My OpenVPN server is not the real server. It is SoftEther server which has built-in OpenVPN clone functionality.
I do have a SOCSK5 proxy server that works without any issue. If somehow I can manage to route OpenVPN traffic through that, then I can get past TLS handshake. Is this possible? Please note that the proxy server requires user/pass authentication.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: TLS handshake is blocked
That is correct. (For OpenVPN)Omid Shojaee wrote: ↑Thu Jan 04, 2018 3:55 pmMy understanding is, I have to generate a key file and store it on both server and client (correct me if I am wrong).
Then you have probably come to the wrong place. We don't really support softether.Omid Shojaee wrote: ↑Thu Jan 04, 2018 3:55 pmI'm afraid this doesn't work for me. My OpenVPN server is not the real server. It is SoftEther server which has built-in OpenVPN clone functionality.
Something along those lines may be possible but again "We don't support softether and I don't know what it can/cannot do"Omid Shojaee wrote: ↑Thu Jan 04, 2018 3:55 pmI do have a SOCSK5 proxy server that works without any issue. If somehow I can manage to route OpenVPN traffic through that, then I can get past TLS handshake. Is this possible? Please note that the proxy server requires user/pass authentication.
Note: --tls-crypt in OpenVPN may not be available in softether .. ask the softether people.
Also, after reading this, I personally find some of Their claims (that softether can beat any firewall) rather misleading and possibly outright lies. YMMV