Re: [stunnel-users] behaviour when using 127.0.0.1 in the 'connect' field

Tue, 10 Mar 2020 02:47:47 -0700 

On Tue, Mar 10, 2020 at 01:25:33PM +0800, Kelly Trinh wrote:
[formatting fixed a bit]
> Hi all - just want to report a problem I solved recently but wanted to
> get some insights on what was causing the problem.
> 
> About me - learnt some unix at university (20 years ago) but nothing too
> serious.  Recently (1 month ago) acquired own domain name and now poking
> around the cloud computing / VPS thing.
> 
> Project - hand-rolling my own VPN setup on a Ubuntu 18.04 VPS.  OpenVPN
> is easy since it is a git-clone thing and then just follow the
> openvpn-install script.  I wanted to add on the Stunnel wrapper because
> intended to use the VPN in China and apparently their firewall does deep
> packet inspection and can recognize (and block) openvpn traffic.
> 
> Problem - when I set up my stunnel using 127.0.0.1 as the connect
> destination; it doesn't seem to work (I can see from openvpn window that
> things seem to pipe through stunnel but then immediately the connection
> is terminated).  If I replace the 127.0.0.1 with IP of the box I am
> using (say for example 1.2.3.4); everything works!  The FQDN is ok as
> well; as long as I don't use 127.0.0.1
> 
> Specifically the stunnel.conf:
> 
> [OpenVPN]
> Accept = 443  # clients connect through 443 to further avoid potential 
> blocking
> Connect = 127.0.0.1:1194   #<- this line won't work; but if I replace with 
> 1.2.3.4:1194 then it will work!
> 
> Question - My problem is fixed but I am curious if there is any insights
> on why this is happening given that 1.2.3.4 and 127.0.0.1 are the same
> machine?

Hi,

Could you post:
- your full stunnel config, not just this snippet
- the logfile of stunnel when you have it configured to connect to
  127.0.0.1 and you attempt a connection
- the output of `lsof -P -n -i tcp:443,1194` as root just after
  the connection fails (you may need to `apt install lsof` beforehand)

Thanks in advance!

G'luck,
Peter

-- 
Peter Pentchev  roam@{ringlet.net,debian.org,FreeBSD.org} [email protected]
PGP key:        http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint 2EE7 A7A5 17FC 124C F115  C354 651E EFB0 2527 DF13

Attachment: signature.asc
Description: PGP signature

_______________________________________________
stunnel-users mailing list
[email protected]
https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users

Reply via email to