Russia starts blocking VPN at the protocol (WireGuard, OpenVPN) level - eviltoast
  • tool@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    1 year ago

    Is OpenVPN not just SSL traffic?

    It’s not, it’s an IPSec VPN by default which runs over UDP. You can run it via TCP and it operates over the same port as HTTPS (443), but it’s not the same protocol and can be differentiated that way.

    A way around this would be to run an SSLVPN with a landing page where you log in instead of using an IPSec VPN or a dedicated SSLVPN client.

    Another way around it would be to create a reverse SSH tunnel on a VM/VPC in another country/state and send all your traffic through that.

    • tal@kbin.social
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      1 year ago

      Is OpenVPN not just SSL traffic?

      It’s not, it’s an IPSec VPN by default which runs over UDP. You can run it via TCP and it operates over the same port as HTTPS (443), but it’s not the same protocol and can be differentiated that way.

      I think that either I’m misunderstanding what you’re aiming to say, or that this is incorrect.

      OpenVPN can run over UDP or TCP, but it’s not IPSec, not even when running over UDP. IPSec is an entirely separate protocol.