Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Press J to jump to the feed. Press question mark to learn the rest of the keyboard shortcuts
- r/VPN
- Search r/VPN
- LOG IN
- SIGN UP
- User account menu
- r/VPN
- Posts
- Join the discussion
- BECOME A REDDITOR
- 35
- Posted byu/supamonkey2000
- 9 months ago
- [Guide] Setup OpenVPN with Obfsproxy to bypass firewalls and DPI (Linux Host, Windows and Android clients)
- Hello fellow internet folks! Today I would like to offer a guide for those of you battling firewalls and DPI. You can set up an OpenVPN server with Obfsproxy to bypass firewalls such as the Great China Firewall.
- This is the link to my tutorial for those who want to set this up.
- Why am I posting this?
- It took me about 3 weeks figuring out all the steps to get this working, with a repeatable list of tasks. Finally I have been able to replicate it on multiple servers and clients. It took me a while because documentation online is very limited for Obfsproxy (at least through my searches). I thought I might make this post so that people in the future don't need to struggle as I did.
- Why did I need to do this?
- My school recently blocked Snapchat as a result of cyberbullying, so all the students turned to VPN services to get around our firewall. To counter that, the school blocked all VPN related protocols, including OpenVPN, using Deep Packet Inspection (DPI). Luckily I found a way to bypass the firewall once again. The only way for them to block it now is with specific port blocking.
- What hosts, clients, versions, etc work?
- For the host, I have got it to work multiple times with Ubuntu 16.04. I have not tried other versions at this time.
- For the clients, I have got it to work with Windows 7, Windows 10, and Ubuntu 17.04. I have not tried Mac OSX or other Linux versions. iOS will not work, and Android does work with a paid app.
- I hope this is useful for people! If this doesn't comply with the rules of this sub, please let me know and I can remove it (or a mod can do it).
- 16 Comments
- Share
- Save
- 91% Upvoted
- This thread is archived
- New comments cannot be posted and votes cannot be cast
- SORT BY
- BEST
- level 1
- Comment deleted
- 9 months ago
- level 2
- brian20999
- 1 point
- ·
- 9 months ago
- Sits down with a bowl of popcorn. Go on...
- Share
- Report
- Save
- level 1
- TotesMessenger
- 6 points
- ·
- 9 months ago
- I'm a bot, bleep, bloop. Someone has linked to this thread from another place on reddit:
- [/r/openvpn] [Guide] Setup OpenVPN with Obfsproxy to bypass firewalls and DPI (Linux Host, Windows and Android clients) (x-post r/vpn)
- If you follow any of the above links, please respect the rules of reddit and don't vote in the other threads. (Info / ^Contact)
- Share
- Report
- Save
- level 1
- tigger1991
- 1 point
- ·
- 9 months ago
- To counter that, the school blocked all VPN related protocols, including OpenVPN, using Deep Packet Inspection (DPI).
- If you're using Linux, could you try Wireguard as well (on port 443).
- I would be interested if the DPI also blocks Wireguard.
- Share
- Report
- Save
- level 2
- zkyez
- 2 points
- ·
- 9 months ago
- Udp on port 443 will probably be blocked. Https works over tcp, wireguard is udp.
- Share
- Report
- Save
- level 1
- Visticous
- 1 point
- ·
- 9 months ago
- Thanks for the guide.
- Just a question, considering your use case: would it not be easier to just ignore the school network and use your data carrier? If i had the same problem at the office, I would just stop using office WiFi.
- Share
- Report
- Save
- level 2
- supamonkey2000
- 1 point
- ·
- 9 months ago
- I could, however I don't have an unlimited data plan. Also, the school has pretty terrible cell service so most of the time I don't have data anyways.
- Share
- Report
- Save
- level 1
- JayCroghan
- 1 point
- ·
- 9 months ago
- Any good recommendations for a fast network VPS to use to set this up? I'm using bHost and it's god awful.
- Share
- Report
- Save
- level 2
- supamonkey2000
- 1 point
- ·
- 9 months ago
- I would personally go with Amazon, but it might get expensive at times. You could also try 1&1 for hosting, although I haven't used them for VPS, only domain names. In Alberta Canada we have a free VPS provider for people living in Alberta: it uses OpenStack I believe, so try finding a free OpenStack provider
- Share
- Report
- Save
- level 3
- JayCroghan
- 1 point
- ·
- 9 months ago
- AWS is the definition of expensive if I only want to run a VPS for a VPN :(
- Share
- Report
- Save
- level 1
- Stalwart-Lover
- 1 point
- ·
- 9 months ago
- Forgive me this might be a dumb question, but why do you specify two ports in the guide? Wouldn't it be best to route all traffic through 1 port like http or https (since most others are usually blocked, at least on my network).
- Share
- Report
- Save
- level 2
- supamonkey2000
- 1 point
- ·
- 9 months ago
- Do you mean 10194 and 21194? 21194 is used to connect to the server, 10194 is used to connect to the proxy on your local client. I suppose there's no harm in using a single port, I just haven't tried it myself. And it would make sense to use a possibly unblocked port, however in my case I already have a few other protocols using their regular ports (such as 443 for HTTPS and 80 for redirecting to 443)
- Share
- Report
- Save
- level 1
- alexandre9099
- 1 point
- ·
- 3 months ago
- Website is offline
- Share
- Report
- Save
- level 2
- andyytan
- 1 point
- ·
- 3 months ago
- I can't find cached version of that site. Did you find any?
- Edit: I FOUND IT! HERE
- Share
- Report
- Save
- level 3
- alexandre9099
- 1 point
- ·
- 3 months ago
- hmm "Could not find the requested document in the cache."
- Share
- Report
- Save
- level 4
- andyytan
- 2 points
- ·
- 3 months ago
- ·
- edited 3 months ago
- Uhhhhhhh it was working 2 hours ago now it's gone. Classic Bing
- Edit again: I managed to get the cache from my browser. You can download from my drive if you want
- Share
- Report
- Save
- level 5
- alexandre9099
- 1 point
- ·
- 3 months ago
- oh thanks, i also found a guide on openvpn website https://community.openvpn.net/openvpn/wiki/TrafficObfuscation#Useobfsproxy not sure if it is similar
- Share
- Report
- Save
- level 1
- Comment deleted
- 9 months ago
- level 2
- Comment deleted
- 9 months ago
- level 3
- Comment deleted
- 9 months ago
- COMMUNITY DETAILS
- r/VPN
- 57.2k
- Subscribers
- 261
- Online
- *** ##[Virtual Private Network](https://en.wikipedia.org/wiki/Virtual_private_network) Create a secure communication channel over an insecure network (like the Internet). References for understanding and building VPNs ***
- SUBSCRIBE
- CREATE POST
- R/VPN RULES
- 1.
- Don't be abusive.
- 2.
- No commercial/affiliate links.
- 3.
- No irrelevant personal sites.
- 4.
- Use your service's official support channel.
- 5.
- Be vendor neutral.
- 6.
- Link to subs, not specific posts.
- 7.
- Back up your claims with proof.
- 8.
- Read Reddit's Reddiquette, Rules, and FAQ.
- 9.
- Defamatory Statements
- 10.
- Recommendation Request
- About
- Careers
- Press
- Advertise
- Blog
- Help
- The Reddit App
- Reddit Coins
- Reddit Premium
- Reddit Gifts
- Content Policy| Privacy Policy
- User Agreement| Mod Policy
- © 2018 Reddit, Inc. All rights reserved
- BACK TO TOP
- Cookies help us deliver our Services. By using our Services or clicking I agree, you agree to our use of cookies. Learn More.
- I AGREE
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement