Pages:
Author

Topic: Unlimited Bitcoin VPN for .02 BTC (Read 6507 times)

member
Activity: 81
Merit: 1002
It was only the wind.
March 15, 2013, 09:37:40 AM
#47
I'm having trouble connecting behind a firewall. My stunnel.conf follows:

Code:
; **************************************************************************
; * Global options                                                         *
; **************************************************************************

; Debugging stuff (may useful for troubleshooting)
;debug = 7
output = stunnel.log

; Disable FIPS mode to allow non-approved protocols and algorithms
;fips = yes

; **************************************************************************
; * Service defaults may also be specified in individual service sections  *
; **************************************************************************

; Certificate/key is needed in server mode and optional in client mode
;cert = stunnel.pem
;key = stunnel.pem

; Authentication stuff needs to be configured to prevent MITM attacks
; It is not enabled by default!
;verify = 2
; Don't forget to c_rehash CApath
;CApath = certs
; It's often easier to use CAfile
;CAfile = certs.pem
; Don't forget to c_rehash CRLpath
;CRLpath = crls
; Alternatively CRLfile can be used
;CRLfile = crls.pem

; Disable support for insecure SSLv2 protocol
options = NO_SSLv2
; Workaround for Eudora bug
;options = DONT_INSERT_EMPTY_FRAGMENTS

; These options provide additional security at some performance degradation
;options = SINGLE_ECDH_USE
;options = SINGLE_DH_USE

; **************************************************************************
; * Service definitions (at least one service has to be defined)           *
; **************************************************************************

;Now, the service part
compression = zlib
[openvpn]
client = yes
accept = 1194
;Insert the IP or hostname and port here
connect = 74.50.121.181:443

The output from OpenVPN is:

Code:
Fri Mar 15 09:34:33 2013 OpenVPN 2.3.0 x86_64-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Feb  9 2013
Enter Auth Username: *************************
Enter Auth Password: **********
Fri Mar 15 09:34:44 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Fri Mar 15 09:34:44 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Mar 15 09:34:44 2013 Socket Buffers: R=[87380->131072] S=[16384->131072]
Fri Mar 15 09:34:44 2013 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1194 [nonblock]
Fri Mar 15 09:34:44 2013 TCP connection established with [AF_INET]127.0.0.1:1194
Fri Mar 15 09:34:44 2013 TCPv4_CLIENT link local: [undef]
Fri Mar 15 09:34:44 2013 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1194
Fri Mar 15 09:35:44 2013 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Fri Mar 15 09:35:44 2013 TLS Error: TLS handshake failed
Fri Mar 15 09:35:44 2013 Fatal TLS error (check_tls_errors_co), restarting
Fri Mar 15 09:35:44 2013 SIGUSR1[soft,tls-error] received, process restarting
Fri Mar 15 09:35:44 2013 Restart pause, 5 second(s)

Then it printed the same thing again, same result, and I pressed Ctrl+C. I am connected to the internet and can browse the web.
member
Activity: 81
Merit: 1002
It was only the wind.
March 14, 2013, 05:22:16 PM
#43
comment out the stunnel.pem line  Cheesy an seriously please use support tickets on my site as those are monitored 24/7/365 for support.

I kind of prefer the forum, even if it takes longer. I hope you don't mind.
member
Activity: 81
Merit: 1002
It was only the wind.
March 13, 2013, 09:49:23 PM
#41
I ran stunnel with the stunnel.conf (had to comment out the fips = yes line), and I'm getting this:

Code:
stunnel.pem: No such file or directory (2)
Service [openvpn]: Failed to initialize SSL context
str_stats: 10 block(s), 993 data byte(s), 580 control byte(s)
newbie
Activity: 48
Merit: 0
February 18, 2014, 05:27:46 AM
#37
Well I agree that the US is a draconian dictatorship now, however they aren't dragging people to the concentration camps at night quite yet. Although I am looking at moving operations to a more liberty friendly place.

Is the only reason i don't take your service... the US isn't better than EU....
hero member
Activity: 489
Merit: 500
March 21, 2013, 07:04:33 AM
#36
The $1 Secure SSL VPN offer still stands!
hero member
Activity: 489
Merit: 500
March 15, 2013, 12:16:33 PM
#35
After further testing, this is a problem with you local firewall denying connections. You will have to allow incoming and outgoing tcp from and to stunnel on port 443 in whatever firewall you are using. Please do not use this thread for support any longer as the IPs for our VPNs should remain private so national level firewalls don't block them.
hero member
Activity: 489
Merit: 500
March 15, 2013, 12:10:52 PM
#34
Please continue this in a support ticket on our site, I cant disclose the info I need to tell you to resolve this publicly for security reasons.
hero member
Activity: 489
Merit: 500
March 15, 2013, 12:57:34 AM
#33
Thanks for the positive feedback nimda!  Grin
hero member
Activity: 784
Merit: 1000
0xFB0D8D1534241423
March 14, 2013, 10:07:28 PM
#32
Vouching for bitronich's support ticket system. Issues are always resolved quickly.
hero member
Activity: 489
Merit: 500
March 14, 2013, 05:44:01 PM
#31
No it's no problem I just feel bad when it takes hours for my customers to get a simple issue resolved.
hero member
Activity: 489
Merit: 500
March 14, 2013, 05:12:34 PM
#30
comment out the stunnel.pem line  Cheesy an seriously please use support tickets on my site as those are monitored 24/7/365 for support.
hero member
Activity: 489
Merit: 500
March 13, 2013, 09:19:44 PM
#29
I hadn't opened port 443 UDP i was just asking if that would be workable for him in his firewall situation. But for ease of compatibility I am doing TCP via stunnel as stated above.
hero member
Activity: 489
Merit: 500
March 13, 2013, 09:18:17 PM
#28
Okay then you can connect using the stunnel method. I'm going to set it up to listen on port 443 as well. the guide is here: Connecting to OpenVPN using Stunnel

The files are in your client area under downloads. Use the standard libertystunnel.ovpn file I provided and just modify the "connect" port to port 443 in the stunnel.conf I provided in your client area downloads and use that for your stunnel.conf after you have installed stunnel.

If you are using ubnutu 12+: apt-get install stunnel4

Otherwise download your version here: https://www.stunnel.org/downloads.html.

You are going to be connecting over an SSH tunnel on TCP which while that extra encryption layer is secure and will work behind most firewalls may be 10-15% slower.
hero member
Activity: 784
Merit: 1000
0xFB0D8D1534241423
March 13, 2013, 09:13:05 PM
#27
I haven't tested
hero member
Activity: 489
Merit: 500
March 13, 2013, 08:31:44 PM
#26
Would UDP work for you guys on port 443? (UDP is faster then TCP on OpenVPN)
hero member
Activity: 784
Merit: 1000
0xFB0D8D1534241423
March 13, 2013, 06:13:16 PM
#25
Oh, port 443 would be nice. I'm on a restricted (+captive portal) WiFi network a few times per week. So far I've been trying to tunnel traffic through DNS first.
hero member
Activity: 489
Merit: 500
March 12, 2013, 11:23:26 PM
#24
I suppose I could add a TCP stunnel connection on Port 443. Are you administrator on your system?

Also from what I can see RAM usage is minimal, CPU use is minimal and the port is not spiking above 20Mbps. It should not be getting slow what are you using OpenVPN?
hero member
Activity: 489
Merit: 500
March 12, 2013, 11:44:04 AM
#23
Also, I have added a tutorial on using the VPN behind the great firewall of China here: http://www.bitronictech.net/knowledgebase/307/Connecting-to-OpenVPN-Using-Stunnel.html
hero member
Activity: 489
Merit: 500
March 12, 2013, 11:40:10 AM
#22
Ahh and the issue with the order button and requiring a domain name has been fixed.
hero member
Activity: 489
Merit: 500
March 12, 2013, 11:36:49 AM
#21
Sorry, I didn't even see the discussion going on here. Again if you need quick support just shoot me a support ticket via the website. I'm glad to hear everything is working for you now. What would you like to see added to the tutorials pages for the VPN?
Pages:
Jump to: