Connecting OpenVPN wih Proxy Setting [Need Your Experiences]
Posted: Wed Dec 05, 2018 9:11 pm
A small, affordable computer with free resources to help people learn, make things, and have fun
but it's very likely that's exactly what you're looking for.Connect to remote host through an HTTP proxy at address server and port port. If HTTP Proxy-Authenticate is required, authfileis a file containing a username and password on 2 lines, or “stdin” to prompt from console.auth-method should be one of “none”, “basic”, or “ntlm”.
Advantages: your ISP will think you're just websurfing (unless they have a layer 7 deep packet inspection solution, like this one for example). Also it works even if there's a firewall which blocks OpenVPN port 1194 but not http proxy (usually port 8080).
Normally OpenVPN connects directly to the server. That means UDP/TCP packets sent to port 1194 (by default). With proxy, that communication is wrapped in a HTTP protocol, meaning OpenVPN will send http packets to the proxy, and the proxy will connect to the vpn server.**What does exactly makes Proxy setting on OpenVPN connection? I mean what is the role of Proxy in this scenario?
Use netstat on your local machine. Without proxy, you should see connections to the vpn server port 1194 (or whatever port your vpn server is using). With proxy, you'll only see connections to the proxy server on port 8080 (or whatever port the proxy is using).***How can i test the connection in this scenario? I mean i am connecting with Italy OVPN TCP file and writing Sweden Proxy servers to the Proxy section.
If you have set up everything correctly, you won't see any Swedish IP, because proxy is used to carry the packets which implements the tunnel itself, and your normal traffic will be routed INSIDE the tunnel.When i check my IP, it is Italy IP. But what is doing Sweden Proxy in this scenario?
Wrap http in some encrypted channel. Normally that would be SSL. If you use a https, then all the http headers (including the user/pass) will be encrypted with a cryptographically sound algorithm. Alternatively you can do an assymetric key based SSL authentication in the SSL/TLS layer using certs which is much much safer than http auth. But you may not be able to change the vpn provider's auth configuration if you don't own that server, so this may be not an option for you.
I think your original idea should work: use tor as proxy, and use OpenVPN on top of that configured for socks proxy (which would be localhost:9050). But since you can already use tor, I'm not sure you need a vpn at all. Unless you want to use some special software which does not support socks proxy and torification in the first place (*). If all you need is web, then tor alone with an obfs bridge will suffice, no need for vpn.And what do you advise me for this scenario? Imagine you can't connect OpenVPN without proxy but you want to connect. What did you do? You can connect with proxy at the same time but as you said there is some security flaws available.
Thanks, wish the same to you too!Thanks in advance.
Have a happy life with your loved ones.