Good afternoon everybody,
I'm new to this forum; I've been fighting with OVPN settings all the way to here.
I've been finding a lot of clear info in this forum and I succeeded in my goals.
I have now set up a server on an STB on TCP over port 443.
I'm connecting to it from my Android phone, and everything is working:
browsing all clients' webifs
tcp, ssh, internet browsing with server's IP
I've now configured the client on my office Windows 7 behind a company firewall which is managed by our IT.
My company IT profile is capable of browsing and I only have a non-restrictive Websense filter.
I managed to connect to my home's VPN. What is working:
ftp, ssh, network samba shares, ping to OVPN address and server side address .....
What is not working:
http browsing with OVPN server's IP (don't know why but that's fine for me)
http browsing to server's side client webifs (over http!!!), which is why I set up this connection.
I'm going crazy!
TUN TCP openvpn over port 443 routing all but HTTPs
Re: TUN TCP openvpn over port 443 routing all but HTTPs
Code:
LAN
Indirizzo rete Mask Gateway Interfaccia Metric
0.0.0.0 0.0.0.0 10.1.254.254 10.1.7.84 10
10.1.0.0 255.255.0.0 On-link 10.1.7.84 266
10.1.7.84 255.255.255.255 On-link 10.1.7.84 266
10.1.255.255 255.255.255.255 On-link 10.1.7.84 266
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.1.7.84 266
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.1.7.84 266
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286

H3g WORKS!
Indirizzo rete Mask Gateway Interfaccia
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.230 25
192.168.43.0 255.255.255.0 On-link 192.168.43.230 281
192.168.43.230 255.255.255.255 On-link 192.168.43.230 281
192.168.43.255 255.255.255.255 On-link 192.168.43.230 281
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
224.0.0.0 240.0.0.0 On-link 127.0.0.1
224.0.0.0 240.0.0.0 On-link 192.168.43.230
224.0.0.0 240.0.0.0 On-link 10.8.0.6
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.43.230 281
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
Re: TUN TCP openvpn over port 443 routing all but HTTPs
I'm sorry, I just realized that the code wasn't formatted; here it is:
Code:
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metrica
0.0.0.0 0.0.0.0 172.xx.xx.xx 172.xx.yy.yy 25
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.28.1.0 255.255.255.0 On-link 172.xx.yy.yy 281
172.xx.yy.yy 255.255.255.255 On-link 172.xx.yy.yy 281
172.xx.xx.yyy 255.255.255.255 On-link 172.xx.yy.yy 281
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
224.0.0.0 240.0.0.0 On-link 172.xx.yy.yy 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 172.xx.yy.yy 281
===========================================================================
Route attive:
Indirizzo rete Mask Gateway Interfaccia Metric
0.0.0.0 0.0.0.0 10.1.254.254 10.1.7.84 10
10.1.0.0 255.255.0.0 On-link 10.1.7.84 266
10.1.7.84 255.255.255.255 On-link 10.1.7.84 266
10.1.255.255 255.255.255.255 On-link 10.1.7.84 266
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.1.7.84 266
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.1.7.84 266
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
===========================================================================
Basically, the top table is the working scenario: me connected over Wi-Fi to the company guest network as an unknown user.
The bottom one is me with my LDAP profile connected to the company network, the non-working scenario.
I think it is nothing related to routes, because the structure is identical.
But how can it be a firewall issue if the most dangerous protocols are free to pass and HTTP is not???
The only thing which is weird is that in scenario 1 all the traffic of my 127.0.0.1 seems to be routed through my VPN; if I'm browsing to "tell me my IP" I see my VPN internet address.
In scenario 2 all the HTTP traffic is routed by my company network, while I can keep connecting to ftp and ssh at my VPN side as well....
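An added example, not part of the original posts: a longest-prefix-match lookup over the unicast rows of the LAN (10.1.x.x) and H3g (192.168.43.x) route tables posted above, returning the gateway and interface each table selects for a destination. The destination addresses are constructed samples, and the tie-break on metric is the usual rule for equal-length prefixes.

```python
import ipaddress

# Unicast rows copied from the LAN and H3g `route print` output in the posts
# above (multicast, broadcast and loopback rows are left out for brevity).
LAN = """\
0.0.0.0 0.0.0.0 10.1.254.254 10.1.7.84 10
10.1.0.0 255.255.0.0 On-link 10.1.7.84 266
10.1.7.84 255.255.255.255 On-link 10.1.7.84 266
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
"""
H3G = """\
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.230 25
192.168.43.0 255.255.255.0 On-link 192.168.43.230 281
192.168.43.230 255.255.255.255 On-link 192.168.43.230 281
10.8.0.0 255.255.255.0 10.8.0.5 10.8.0.6 30
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
192.168.1.0 255.255.255.0 10.8.0.5 10.8.0.6 30
"""

def parse(table):
    """Turn route-print rows into (network, gateway, interface, metric) tuples."""
    routes = []
    for line in table.splitlines():
        net, mask, gw, iface, metric = line.split()
        routes.append((ipaddress.ip_network(f"{net}/{mask}"), gw, iface, int(metric)))
    return routes

def lookup(routes, dest):
    """Longest-prefix match; the lower metric wins between equal prefixes."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    _, gw, iface, _ = max(hits, key=lambda r: (r[0].prefixlen, -r[3]))
    return gw, iface

def compare(dest):
    """Return the (gateway, interface) chosen by each table for one destination."""
    return {"LAN": lookup(parse(LAN), dest), "H3g": lookup(parse(H3G), dest)}

if __name__ == "__main__":
    # 192.168.1.10 and 203.0.113.7 are constructed sample destinations.
    for dest in ("192.168.1.10", "10.8.0.1", "203.0.113.7"):
        print(dest, compare(dest))
```

Both tables send 192.168.1.0/24 and 10.8.0.0/24 through the tunnel interface 10.8.0.6, and both leave the default route on the local gateway.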
Re: TUN TCP openvpn over port 443 routing all but HTTPs
I managed to go out with my VPN internet IP, but in a very dirty way:
created an SSH tunnel to my ssh server on the VPN side,
configured PuTTY for ssh tunnel on localhost:55021
configured my Firefox to proxy its traffic to the proxy v5 on localhost:55021
Now I have my personal browser Firefox, which is secret, and Explorer, which is company. It looks nice and handy this way, but I don't like the way I achieved that.... I'm sure there's a more fashioned way....