I have a network configuration with an Apache HTTP proxy server inside a DMZ, and with an OpenVPN server behind the inside firewall. I'm new to OpenVPN, and as far as secure encryption is concerned, I'm sure my configuration leaves a lot to be desired. But with this first-time current configuration (see below), everything works fine, and I get the tunneling functionality that I want, with the client being able to access machines behind the inside firewall.
My issue is that the initial HTTP Connect request (and response), which is port forwarded through the outside firewall to the Apache Http server, is in plain HTTP and not encrypted. I've tried various configuration changes, but I cannot get the client to initiate the HTTP Connect request with an SSL/TLS ClientHello. Is there someone who can point me to the correct client configuration to make this happen? Thank you.
Mark
Client Configuration (Windows Client):
client
proto tcp
dev tun
http-proxy 192.168.1.97 80
remote openvpnserver 1194
ca ca.crt
cert client.crt
key client.key
cipher DES-EDE3-CBC
auth SHA512
remote-cert-tls server
tls-client
key-method 2
tls-cipher DEFAULT
verb 3
comp-lzo
Server Configuration (Ubuntu Server):
port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.9.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
keepalive 10 120
cipher DES-EDE3-CBC
auth SHA512
persist-key
persist-tun
status openvpn-status.log
verb 3
comp-lzo
mode server
tls-server
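
An added example, not part of the original post: a check that can be run over the first client-to-proxy bytes of a packet capture to confirm whether the connection opens with a plaintext HTTP CONNECT or with a TLS ClientHello, and what the plaintext form exposes. The function name and the sample byte strings are constructed for illustration.

```python
import struct


def classify_first_bytes(data: bytes) -> dict:
    """Classify the first client-to-proxy bytes of a captured TCP stream."""
    # TLS record header: content type 0x16 (handshake), version 0x03 0x0X,
    # 2-byte record length, then handshake type 0x01 for a ClientHello.
    if len(data) >= 6 and data[0] == 0x16 and data[1] == 0x03:
        record_len = struct.unpack("!H", data[3:5])[0]
        return {"kind": "tls", "client_hello": data[5] == 0x01,
                "record_len": record_len}

    # Otherwise look for a plaintext request line: CONNECT host:port HTTP/x.y
    head, _, _ = data.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) == 3 and parts[0] == b"CONNECT" and parts[2].startswith(b"HTTP/"):
        host, _, port = parts[1].decode("latin-1").rpartition(":")
        if host and port.isdigit():
            # Header names visible to anyone on the path to the proxy.
            names = []
            for line in lines[1:]:
                name, sep, _ = line.partition(b":")
                if sep:
                    names.append(name.strip().lower().decode("latin-1"))
            return {"kind": "plaintext-connect",
                    "target_host": host,
                    "target_port": int(port),
                    "exposed_headers": sorted(names),
                    "credentials_exposed": "proxy-authorization" in names}
    return {"kind": "unknown"}


# Constructed samples (not taken from a real capture).
SAMPLE_CONNECT = (b"CONNECT openvpnserver:1194 HTTP/1.0\r\n"
                  b"Host: openvpnserver\r\n"
                  b"Proxy-Authorization: Basic ZGVtbzpkZW1v\r\n\r\n")
SAMPLE_TLS = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01, 0x00, 0x00, 0x2B, 0x03, 0x03])

if __name__ == "__main__":
    for label, sample in (("connect", SAMPLE_CONNECT), ("tls", SAMPLE_TLS)):
        print(label, classify_first_bytes(sample))
```
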
Proxy Server HTTP Connect not encrypted