| 33 | |
| 34 | == A quick obfsproxy setup == |
| 35 | |
| 36 | This setup will start obfsproxy on your openvpn server, listening to the port 21194. On the client it will start a obfsproxy serving as a SOCKS proxy, listening on the client on port 10194. The part which says "<some-random-key>" needs to be the same value on both server and client. The key can be a longer text string, with just random letters. I'd recommend to keep it long (at least 32 characters, which is 256 bits). |
| 37 | |
| 38 | === Client side === |
| 39 | Add the following lines to your existing openvpn config file: |
| 40 | |
| 41 | {{{ |
| 42 | socks-proxy-retry |
| 43 | socks-proxy 127.0.0.1 10194 |
| 44 | }}} |
| 45 | |
| 46 | and change the --remote option to be |
| 47 | {{{ |
| 48 | remote <YOUR-VPN-SERVER> 21194 |
| 49 | }}} |
| 50 | |
| 51 | That is, changing the port number to match the port number the server side obfsproxy will listen to. |
| 52 | |
| 53 | Then start the obfsproxy like this: |
| 54 | |
| 55 | {{{ |
| 56 | [user@host: ~] $ obfsproxy --log-file=obfsproxy.log --log-min-severity=info obfs2 \ |
| 57 | --shared-secret=<some-random-key> socks 127.0.0.1:10194 |
| 58 | }}} |
| 59 | |
| 60 | === Server side === |
| 61 | Here we tell obfsproxy to listen to TCP port 21194 and to send any obfsproxy clients to the OpenVPN server, listening on 127.0.0.1, port 1194. And remember to allow TCP connections from the "outside" to port 21194 in your firewall config. Start obfsproxy like this: |
| 62 | {{{ |
| 63 | [user@host: ~] $ obfsproxy --log-file=obfsproxy.log --log-min-severity=info obfs2 \ |
| 64 | --dest=127.0.0.1:1194 --shared-secret=<some-random-key> server 0.0.0.0:21194 |
| 65 | }}} |
| 66 | |
| 67 | The OpenVPN server needs in this case just this line in the config: |
| 68 | {{{ |
| 69 | port 1194 |
| 70 | }}} |
| 71 | |
| 72 | That's all the magic, and should be a complete working setup. |
| 73 | |