![]() Note: I used OpenVPN Access Server in the past since it was easy to setup.Download Username and Password: DownloadI'm gonna share Zbigz premium account for free today. My file /etc/apache2/nf is configured like this: Listen 80Īnd my Apache SSL configuration in /etc/apache2/sites-enabled/nf starts like this: I replaced with 127.0.0.1 and with 4443 since I configured Apache to listen on port 4443. In my case I did not need to do the command for the key _rvice and I used the command service openvpnas restart instead of. sacli -key "_share.port" -value ConfigPut sacli -key "_share.ip_address" -value ConfigPut sacli -key "_rvice" -value "custom" ConfigPut sacli -key "_share.enable" -value "true" ConfigPut If someone is using OpenVPN Access Server, you have to go to /usr/local/openvpn_as/scripts/ (for example on Debian) and execute these command: It looks like there is no way to have the real IP address of the visitor in Apache logs if we are using OpenVPN's port-share ( ), so I used the tool SSLH in transparent mode: This is a problem if you want to know the origin of a connection or want to use a tool like fail2ban. Update: I noticed that the IP address of website visitors will always be 127.0.0.1 in web server logs. Oct 6 01:13:21 ns1 openvpn: Data Channel MTU parms Oct 6 01:13:21 ns1 openvpn: Control Channel MTU parms Oct 6 01:13:21 ns1 openvpn: LZO compression initialized The messages entry for a HTTPS connection is Oct 6 01:13:21 ns1 openvpn: Re-using SSL/TLS context The request ends up on Apache, since I see in the error logs the following messages: Invalid method in request \x16\x03\x01 ![]() (Error code: ssl_error_rx_record_too_long)Ĭurl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol ![]() SSL received a record that exceeded the maximum permissible length. My OpenVPN client connects just fine, but when opening the HTTPS enabled page, I get errors. I'm trying to set up OpenVPN to listen on port 443, and then pass all HTTPS traffic to Apache, by using the port-share option. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |