Proto TCP on port 1194

rodentskie · Post by **rodentskie** » Sat Oct 03, 2020 10:50 am

Here is my client.ovpn file

Client config

cipher AES-256-CBC

dev tun
dev-type tun

setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
proto tcp
remote sg1.rodtests.xyz 1194

setenv FRIENDLY_NAME "PayrConf[WNP-SNS]"
nobind

http-proxy rodproxy.rodtests.xyz 3128
http-proxy-retry
http-proxy-timeout 5
http-proxy-option CUSTOM-HEADER Host www.googlevideo.com
http-proxy-option CUSTOM-HEADER X-Forwarded-For www.googlevideo.com

ns-cert-type server
setenv opt tls-version-min 1.0 or-highest
reneg-sec 604800
sndbuf 0
rcvbuf 0
auth-user-pass
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3
setenv PUSH_PEER_INFO

<ca>...</ca>

Client's log on openvpn connect windows

Code: Select all

10/3/2020, 6:20:50 PM EVENT: RECONNECTING ⏎10/3/2020, 6:20:50 PM EVENT: WAIT_PROXY ⏎10/3/2020, 6:20:50 PM Contacting 54.255.239.22:3128 via HTTP Proxy
⏎10/3/2020, 6:20:50 PM WinCommandAgent: transmitting bypass route to 54.255.239.22
{
	"host" : "54.255.239.22",
	"ipv6" : false
}

⏎10/3/2020, 6:20:50 PM EVENT: WAIT ⏎10/3/2020, 6:20:50 PM TO PROXY: CONNECT sg1.rodtests.xyz:1194 HTTP/1.0
Host: www.googlevideo.com
X-Forwarded-For: www.googlevideo.com

⏎10/3/2020, 6:20:50 PM FROM PROXY: HTTP/1.1 503 Service Unavailable
Server: squid/4.10
Mime-Version: 1.0
Date: Sat, 03 Oct 2020 10:20:51 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3494
X-Squid-Error: ERR_CONNECT_FAIL 111
Vary: Accept-Language
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url(⏎10/3/2020, 6:20:50 PM TCP recv EOF
⏎10/3/2020, 6:20:50 PM Proxy Error: on rodproxy.rodtests.xyz:3128: HTTP proxy server could not connect to OpenVPN server
⏎10/3/2020, 6:20:50 PM Client terminated, restarting in 2000 ms...
⏎10/3/2020, 6:20:52 PM EVENT: RECONNECTING ⏎10/3/2020, 6:20:52 PM EVENT: WAIT_PROXY ⏎10/3/2020, 6:20:52 PM Contacting 54.255.239.22:3128 via HTTP Proxy
⏎10/3/2020, 6:20:52 PM WinCommandAgent: transmitting bypass route to 54.255.239.22
{
	"host" : "54.255.239.22",
	"ipv6" : false
}

⏎10/3/2020, 6:20:52 PM TO PROXY: CONNECT sg1.rodtests.xyz:1194 HTTP/1.0
Host: www.googlevideo.com
X-Forwarded-For: www.googlevideo.com

⏎10/3/2020, 6:20:52 PM EVENT: WAIT ⏎10/3/2020, 6:20:52 PM FROM PROXY: HTTP/1.1 503 Service Unavailable
Server: squid/4.10
Mime-Version: 1.0
Date: Sat, 03 Oct 2020 10:20:53 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3494
X-Squid-Error: ERR_CONNECT_FAIL 111
Vary: Accept-Language
Content-Language: en

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2019 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!-- 
 /*
 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

/*
 Stylesheet for Squid Error pages
 Adapted from design by Free CSS Templates
 http://www.freecsstemplates.org
 Released for free under a Creative Commons Attribution 2.5 License
*/

/* Page basics */
* {
	font-family: verdana, sans-serif;
}

html body {
	margin: 0;
	padding: 0;
	background: #efefef;
	font-size: 12px;
	color: #1e1e1e;
}

/* Page displayed title area */
#titles {
	margin-left: 15px;
	padding: 10px;
	padding-left: 100px;
	background: url(⏎10/3/2020, 6:20:52 PM TCP recv EOF
⏎10/3/2020, 6:20:52 PM Proxy Error: on rodproxy.rodtests.xyz:3128: HTTP proxy server could not connect to OpenVPN server
⏎10/3/2020, 6:20:52 PM Client terminated, restarting in 2000 ms...
⏎

In my squid proxy server I set:

http_access allow all

and add into the list of safe ports and ssl_ports the port 1194.

Curl response:

Code: Select all

C:\Users\Joe>curl -I -x rodproxy.rodtests.xyz:3128 http://sg1.rodtests.xyz:1194
HTTP/1.1 503 Service Unavailable
Server: squid/4.10
Mime-Version: 1.0
Date: Sat, 03 Oct 2020 10:35:05 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3600
X-Squid-Error: ERR_CONNECT_FAIL 111
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from rodproxy
X-Cache-Lookup: MISS from rodproxy:3128
Via: 1.1 rodproxy (squid/4.10)
Connection: keep-alive

Netstat on openvpnas:

Code: Select all

root@sg1:/usr/local/openvpn_as/scripts# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:904           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 127.0.0.1:905           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 127.0.0.1:906           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 127.0.0.1:907           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 127.0.0.1:908           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 127.0.0.1:909           0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 0.0.0.0:943             0.0.0.0:*               LISTEN      31572/python2
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      21441/nginx: master
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      661/systemd-resolve
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1177/sshd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      31604/openvpn-opens
tcp6       0      0 :::80                   :::*                    LISTEN      21441/nginx: master
tcp6       0      0 :::22                   :::*                    LISTEN      1177/sshd
udp        0      0 127.0.0.1:323           0.0.0.0:*                           6609/chronyd
udp        0      0 127.0.0.53:53           0.0.0.0:*                           661/systemd-resolve
udp        0      0 0.0.0.0:1194            0.0.0.0:*                           31630/openvpn-opens
udp6       0      0 ::1:323                 :::*                                6609/chronyd

Please help.