Hi,
I have a Raspberry Pi in a remote LAN. The Pi does a remote SSH tunnel to a public SSH server, presenting the OpenVPN port (I used port 10012) active on that server. I want to combine OpenVPN with the SSH tunnel. I tried to do this by changing the "remote" statement in a working OpenVPN client file, but then I get:
TCP: connect to [AF_INET]176.58.101.53:10012 failed: Connection refused
I configured OpenVPN to use TCP by the way, SSH tunneling does not support UDP I believe.
What could be wrong? Also, does the OpenVPN server support the use of a SOCKS proxy? That could be another route to accomplish this.
Cheers and thanks for your insights,
BC
Combining OpenVPN with a reversed SSH tunnel
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
bcnx
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Sep 20, 2021 9:31 pm
-
bcnx
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Sep 20, 2021 9:31 pm
Re: Combining OpenVPN with a reversed SSH tunnel
I partially discovered why this does not work: the remote SSH tunnel binds to localhost and not to the public IP. When doing a local forwarding SSH tunnel to bring the remote port to my client and changing the OpenVPN config file to reflect this change, I get:
Mon Sep 20 23:58:28 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 27 2021
Mon Sep 20 23:58:28 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Enter Private Key Password: *********
Mon Sep 20 23:58:32 2021 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Sep 20 23:58:32 2021 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 20 23:58:32 2021 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Sep 20 23:58:32 2021 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 20 23:58:32 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Mon Sep 20 23:58:32 2021 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
Mon Sep 20 23:58:32 2021 TCP connection established with [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 TCP_CLIENT link local: (not bound)
Mon Sep 20 23:58:32 2021 TCP_CLIENT link remote: [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 Connection reset, restarting [-1]
Mon Sep 20 23:58:32 2021 SIGUSR1[soft,connection-reset] received, process restarting
Mon Sep 20 23:58:32 2021 Restart pause, 5 second(s)
Enter Private Key Password: *********
BC
Mon Sep 20 23:58:28 2021 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 27 2021
Mon Sep 20 23:58:28 2021 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Enter Private Key Password: *********
Mon Sep 20 23:58:32 2021 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Sep 20 23:58:32 2021 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 20 23:58:32 2021 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Mon Sep 20 23:58:32 2021 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 20 23:58:32 2021 TCP/UDP: Preserving recently used remote address: [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 Socket Buffers: R=[131072->131072] S=[16384->16384]
Mon Sep 20 23:58:32 2021 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
Mon Sep 20 23:58:32 2021 TCP connection established with [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 TCP_CLIENT link local: (not bound)
Mon Sep 20 23:58:32 2021 TCP_CLIENT link remote: [AF_INET]127.0.0.1:1194
Mon Sep 20 23:58:32 2021 Connection reset, restarting [-1]
Mon Sep 20 23:58:32 2021 SIGUSR1[soft,connection-reset] received, process restarting
Mon Sep 20 23:58:32 2021 Restart pause, 5 second(s)
Enter Private Key Password: *********
BC