API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 15th, 2018
377
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.14 KB | None | 0 0
raw download clone embed print report
  1. Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
  2. r/VPN
  3.  
  4. Search r/VPN
  5. LOG IN
  6. SIGN UP
  7.  
  8. User account menu
  9. r/VPN
  10. Posts
  11.  
  12.  
  13. Join the discussion
  14. BECOME A REDDITOR
  15.  
  16. 35
  17.  
  18. Posted byu/supamonkey2000
  19. 9 months ago
  20. [Guide] Setup OpenVPN with Obfsproxy to bypass firewalls and DPI (Linux Host, Windows and Android clients)
  21. Hello fellow internet folks! Today I would like to offer a guide for those of you battling firewalls and DPI. You can set up an OpenVPN server with Obfsproxy to bypass firewalls such as the Great China Firewall.
  22.  
  23. This is the link to my tutorial for those who want to set this up.
  24.  
  25. Why am I posting this?
  26. It took me about 3 weeks figuring out all the steps to get this working, with a repeatable list of tasks. Finally I have been able to replicate it on multiple servers and clients. It took me a while because documentation online is very limited for Obfsproxy (at least through my searches). I thought I might make this post so that people in the future don't need to struggle as I did.
  27.  
  28. Why did I need to do this?
  29. My school recently blocked Snapchat as a result of cyberbullying, so all the students turned to VPN services to get around our firewall. To counter that, the school blocked all VPN related protocols, including OpenVPN, using Deep Packet Inspection (DPI). Luckily I found a way to bypass the firewall once again. The only way for them to block it now is with specific port blocking.
  30.  
  31. What hosts, clients, versions, etc work?
  32. For the host, I have got it to work multiple times with Ubuntu 16.04. I have not tried other versions at this time.
  33.  
  34. For the clients, I have got it to work with Windows 7, Windows 10, and Ubuntu 17.04. I have not tried Mac OSX or other Linux versions. iOS will not work, and Android does work with a paid app.
  35.  
  36. I hope this is useful for people! If this doesn't comply with the rules of this sub, please let me know and I can remove it (or a mod can do it).
  37.  
  38. 16 Comments
  39. Share
  40.  
  41. Save
  42.  
  43. 91% Upvoted
  44. This thread is archived
  45. New comments cannot be posted and votes cannot be cast
  46. SORT BY
  47.  
  48. BEST
  49. level 1
  50. Comment deleted
  51. 9 months ago
  52.  
  53.  
  54. level 2
  55. brian20999
  56. 1 point
  57. ·
  58. 9 months ago
  59. Sits down with a bowl of popcorn. Go on...
  60.  
  61. Share
  62. Report
  63. Save
  64.  
  65.  
  66. level 1
  67. TotesMessenger
  68. 6 points
  69. ·
  70. 9 months ago
  71. I'm a bot, bleep, bloop. Someone has linked to this thread from another place on reddit:
  72.  
  73. [/r/openvpn] [Guide] Setup OpenVPN with Obfsproxy to bypass firewalls and DPI (Linux Host, Windows and Android clients) (x-post r/vpn)
  74.  
  75. If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads. (Info / ^Contact)
  76.  
  77. Share
  78. Report
  79. Save
  80.  
  81.  
  82. level 1
  83. tigger1991
  84. 1 point
  85. ·
  86. 9 months ago
  87. To counter that, the school blocked all VPN related protocols, including OpenVPN, using Deep Packet Inspection (DPI).
  88.  
  89. If you're using Linux, could you try Wireguard as well (on port 443).
  90.  
  91. I would be interested if the DPI also blocks Wireguard.
  92.  
  93. Share
  94. Report
  95. Save
  96.  
  97.  
  98. level 2
  99. zkyez
  100. 2 points
  101. ·
  102. 9 months ago
  103. Udp on port 443 will probably be blocked. Https works over tcp, wireguard is udp.
  104.  
  105. Share
  106. Report
  107. Save
  108.  
  109.  
  110. level 1
  111. Visticous
  112. 1 point
  113. ·
  114. 9 months ago
  115. Thanks for the guide.
  116.  
  117. Just a question, considering your use case: would it not be easier to just ignore the school network and use your data carrier? If i had the same problem at the office, I would just stop using office WiFi.
  118.  
  119. Share
  120. Report
  121. Save
  122.  
  123.  
  124. level 2
  125. supamonkey2000
  126. 1 point
  127. ·
  128. 9 months ago
  129. I could, however I don't have an unlimited data plan. Also, the school has pretty terrible cell service so most of the time I don't have data anyways.
  130.  
  131. Share
  132. Report
  133. Save
  134.  
  135.  
  136. level 1
  137. JayCroghan
  138. 1 point
  139. ·
  140. 9 months ago
  141. Any good recommendations for a fast network VPS to use to set this up? I'm using bHost and it's god awful.
  142.  
  143. Share
  144. Report
  145. Save
  146.  
  147.  
  148. level 2
  149. supamonkey2000
  150. 1 point
  151. ·
  152. 9 months ago
  153. I would personally go with Amazon, but it might get expensive at times. You could also try 1&1 for hosting, although I haven't used them for VPS, only domain names. In Alberta Canada we have a free VPS provider for people living in Alberta: it uses OpenStack I believe, so try finding a free OpenStack provider
  154.  
  155. Share
  156. Report
  157. Save
  158.  
  159.  
  160. level 3
  161. JayCroghan
  162. 1 point
  163. ·
  164. 9 months ago
  165. AWS is the definition of expensive if I only want to run a VPS for a VPN :(
  166.  
  167. Share
  168. Report
  169. Save
  170.  
  171.  
  172. level 1
  173. Stalwart-Lover
  174. 1 point
  175. ·
  176. 9 months ago
  177. Forgive me this might be a dumb question, but why do you specify two ports in the guide? Wouldn't it be best to route all traffic through 1 port like http or https (since most others are usually blocked, at least on my network).
  178.  
  179. Share
  180. Report
  181. Save
  182.  
  183.  
  184. level 2
  185. supamonkey2000
  186. 1 point
  187. ·
  188. 9 months ago
  189. Do you mean 10194 and 21194? 21194 is used to connect to the server, 10194 is used to connect to the proxy on your local client. I suppose there's no harm in using a single port, I just haven't tried it myself. And it would make sense to use a possibly unblocked port, however in my case I already have a few other protocols using their regular ports (such as 443 for HTTPS and 80 for redirecting to 443)
  190.  
  191. Share
  192. Report
  193. Save
  194.  
  195.  
  196. level 1
  197. alexandre9099
  198. 1 point
  199. ·
  200. 3 months ago
  201. Website is offline
  202.  
  203. Share
  204. Report
  205. Save
  206.  
  207.  
  208. level 2
  209. andyytan
  210. 1 point
  211. ·
  212. 3 months ago
  213. I can't find cached version of that site. Did you find any?
  214.  
  215. Edit: I FOUND IT! HERE
  216.  
  217. Share
  218. Report
  219. Save
  220.  
  221.  
  222. level 3
  223. alexandre9099
  224. 1 point
  225. ·
  226. 3 months ago
  227. hmm "Could not find the requested document in the cache."
  228.  
  229. Share
  230. Report
  231. Save
  232.  
  233.  
  234. level 4
  235. andyytan
  236. 2 points
  237. ·
  238. 3 months ago
  239. ·
  240. edited 3 months ago
  241. Uhhhhhhh it was working 2 hours ago now it's gone. Classic Bing
  242.  
  243. Edit again: I managed to get the cache from my browser. You can download from my drive if you want
  244.  
  245. Share
  246. Report
  247. Save
  248.  
  249.  
  250. level 5
  251. alexandre9099
  252. 1 point
  253. ·
  254. 3 months ago
  255. oh thanks, i also found a guide on openvpn website https://community.openvpn.net/openvpn/wiki/TrafficObfuscation#Useobfsproxy not sure if it is similar
  256.  
  257. Share
  258. Report
  259. Save
  260. level 1
  261. Comment deleted
  262. 9 months ago
  263. level 2
  264. Comment deleted
  265. 9 months ago
  266. level 3
  267. Comment deleted
  268. 9 months ago
  269. COMMUNITY DETAILS
  270. r/VPN
  271. 57.2k
  272.  
  273. Subscribers
  274. 261
  275.  
  276. Online
  277. *** ##[Virtual Private Network](https://en.wikipedia.org/wiki/Virtual_private_network) Create a secure communication channel over an insecure network (like the Internet). References for understanding and building VPNs ***
  278.  
  279. SUBSCRIBE
  280. CREATE POST
  281.  
  282. R/VPN RULES
  283. 1.
  284. Don't be abusive.
  285. 2.
  286. No commercial/affiliate links.
  287. 3.
  288. No irrelevant personal sites.
  289. 4.
  290. Use your service's official support channel.
  291. 5.
  292. Be vendor neutral.
  293. 6.
  294. Link to subs, not specific posts.
  295. 7.
  296. Back up your claims with proof.
  297. 8.
  298. Read Reddit's Reddiquette, Rules, and FAQ.
  299. 9.
  300. Defamatory Statements
  301. 10.
  302. Recommendation Request
  303.  
  304. About
  305. Careers
  306. Press
  307. Advertise
  308. Blog
  309. Help
  310. The Reddit App
  311. Reddit Coins
  312. Reddit Premium
  313. Reddit Gifts
  314. Content Policy| Privacy Policy
  315. User Agreement| Mod Policy
  316. © 2018 Reddit, Inc. All rights reserved
  317. BACK TO TOP
  318. Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.
  319. I AGREE
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!