OpenVPN Over SSL
There may be times when you don’t want the network operator of the network you are on to know you are using a VPN. Even though they can’t see into the VPN connection you may want to not even let them be able to realize that it exists.
Some networks use deep packet inspection to detect OpenVPN packets and disrupt or block them.
The solution for both of these issues is to put OpenVPN inside of a standard SSL connection. This connection looks just like a web browser https: web connection. The same as when you see https in your browser address bar with a lock.
The price for this level of anonymity is speed. You will notice a significant reduction in speed using this method. So for most purposes we recommend the regular VPN. There is no difference in security between the two methods.
Currently only available for Windows.
To set this up on Windows:
Download Stunnel from the link we sent you or from the Stunnel web site. Save to your hard drive and then right click and select Run as Administrator to install.
Agree to the terms that pop up.
Click on Next
Click on Install
You now will create a certificate for your install of Stunnel. This is not used in securing the connection for OpenVPN. It is just a step in the install process since Stunnel is used for other things as well. Since the certificate you create will not be used in this application you can enter any information in the fields and just proceed. On each line enter some information then click enter. After the last line when you click enter it will go to the next screen.
Installation is complete. Click on close.
From the start menu start Stunnel by right clicking and selecting Run as Administrator.
The control icon opens in the task bar. Double click on it to launch the Stunnel GUI
Click on Configuration and then Click on Edit Configuration
Enter the configuration options we provided where shown above.
Save and exit.
Click on Reload Configuration in the Stunnel menu. This will restart Stunnel with your new settings.
Which server is selected is based on which SSL server is active in the configuration.
Inactive connections have a ; in front of them.
Only one connection should be active and not have a ; in front of it at any time.
Reloading the configuration makes changes you made active.
Successful SSL connection.
Now go to OpenVPN and connect using the Stunnel connection and OpenVPN will go over the Stunnel SSL connection and be hidden.