How to use OpenVPN through a restrictive firewall?

Solution 1:

Connections being cut off after a length of time sometimes indicate a bytes-per-second type of limit. Try seeing if slowing down your VPN connection works. Also, if you have OpenVPN configured for UDP, try TCP (443 UDP may be blocked, whereas 443 TCP may go undetected).

Visit a well-known site that uses SSL and check the certificate. Then do the same at home. If they don't match, then your location is using a transparent HTTPS SSL proxy and can actually see your HTTPS traffic.

It's possible something that isn't port 443 isn't watched so closely. Try 22.

It may sound stupid but try doing it over port 80 and see what you get. You also may try setting up an HTTP tunnel between you and the VPS to make the traffic look like HTTP requests.

If you are feeling insane, try iodine.

Solution 2:

I think I know why the stunnel method behaves like that. It's because you need to set a "static route" for the stunnel server. Let me explain. When you connect to an OpenVPN server, it changes your routing table and routes all your packets through the VPN, except the OpenVPN packets. Actually, OpenVPN will add a route for your server IP address. But when you are using stunnel to connect to your OpenVPN server, you connect OpenVPN to a loopback interface and there is no route to your server outside your VPN, so the stunnel packets want to go to the server and they go into your VPN, and your VPN packets go to stunnel :)

So you need to add a route to your server IP that goes outside your VPN (your home router).

And for the problem with the port 443 method, I'm going to say that maybe the firewall is using SPI or DPI and can easily tell OpenVPN packets apart from HTTPS (SSL) packets. So the best way is to use stunnel, or, if the firewall blocks SSL packets, it's better to use obfsproxy or fteproxy to bypass it.

(I know that this post is too old, but I was looking for an answer to the same problem for weeks, so I wanted to share what I learned about this.)
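
The routing loop described in Solution 2, modelled as an added example that is not part of the original answer: a longest-prefix-match lookup over a simplified routing table shows where packets for the stunnel server leave the machine with and without the static route. All addresses, interface names and the `0.0.0.0/1` + `128.0.0.0/1` layout (OpenVPN's `redirect-gateway def1`) are assumptions chosen for illustration.

```python
import ipaddress

# Constructed sample values (documentation / private ranges), not from the page.
STUNNEL_SERVER = "203.0.113.10"   # public IP of the stunnel/OpenVPN server
HOME_GW = "192.168.1.1"           # home router
VPN_GW = "10.8.0.1"               # gateway inside the tunnel


def route(prefix, gateway, dev):
    return (ipaddress.ip_network(prefix), gateway, dev)


def lookup(routes, dst):
    """Longest-prefix match, as the kernel does: most specific route wins."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None


def table_after_connect(remote, pin_server=False):
    """Simplified routing table once OpenVPN has connected to `remote`."""
    routes = [
        route("0.0.0.0/0", HOME_GW, "eth0"),     # original default route
        route("192.168.1.0/24", None, "eth0"),   # local LAN
        route("0.0.0.0/1", VPN_GW, "tun0"),      # redirect-gateway def1
        route("128.0.0.0/1", VPN_GW, "tun0"),
        route("10.8.0.0/24", None, "tun0"),
    ]
    # OpenVPN pins a host route for the address it connects to. When that
    # address is loopback (stunnel), the real server gets no such route.
    if not ipaddress.ip_address(remote).is_loopback:
        routes.append(route(remote + "/32", HOME_GW, "eth0"))
    if pin_server:
        # The manual static route the answer recommends.
        routes.append(route(STUNNEL_SERVER + "/32", HOME_GW, "eth0"))
    return routes


def egress_dev(remote, pin_server=False):
    """Interface that packets for the stunnel server would leave through."""
    return lookup(table_after_connect(remote, pin_server), STUNNEL_SERVER)[2]


if __name__ == "__main__":
    print("direct OpenVPN:        ", egress_dev(STUNNEL_SERVER))
    print("via stunnel, no route: ", egress_dev("127.0.0.1"))
    print("via stunnel, with /32: ", egress_dev("127.0.0.1", pin_server=True))
```

A result of `tun0` for the stunnel case means the tunnel's own carrier traffic is being routed back into the tunnel, which is the loop the answer describes.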