Some ISPs are throttling, or even blocking, VPN traffic. This tutorial will show you the easiest (but not foolproof) way of getting around this by "masking" your VPN traffic so that it appears to be normal/common HTTPS traffic (SSL websites).
I state that it is not foolproof because: "SSL encryption used by OpenVPN is not exactly the same as 'standard' SSL, and advanced Deep Packet Inspection (of the type increasingly used in places such as China), can tell if encrypted traffic conforms to the ‘real’ SSL/HTP handshake. In such cases alternative methods of evading detection need to be found." - Source
This tutorial assumes that you are using OpenVPN and can be thought of as an extension to my previous openvpn installation tutorials.
Steps
Edit your server.conf file at
[ Before ]
[ After ]
/etc/openvpn/server.conf
and change the port to 443 and the protocol to TCP.
[ Before ]
[ After ]
Optional Firewall Step
If you are running a firewall on your VPN server, don't forget to unblock port 443 as I did!
UFW users
sudo ufw allow 443
iptables rule
iptables -A INPUT -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
Restart your VPN service on the server.
sudo service openvpn restart
Find the corresponding client.conf file (you should have this on your local computer) and change the port to 443 and the protocol to TCP.
[ Before ]
[ After ]
[ Before ]
[ After ] Now connect to your VPN using your new client conf.
No comments:
Post a Comment