I was just browsing the Mastering OpenVPN book and a paragraph jumped out at me which basically said that using OpenVPN on port 443 is a common way people try to duck firewalls. Indeed, this is what I do. My clients are all over the place, airports, hotels, different countries etc, and we do seem to have better luck on port 443 tcp than 1194 tcp or udp.
But the book states, as I have just learned just recently coincidentally, that OpenVPN traffic (even running on TCP) does not really look like normal browser TLS traffic. I saw in the release notes I believe, that the new tls-crypt feature helps prevent metadata about auth certificates from being exposed, as well as blocking deep-packet inspections of the traffic. Could anyone possibly elaborate on this? Will this in practice help do mitigate OpenVPN blocking on port 443 in cases where normal TLS 443 traffic is permitted? Also, could anyone elaborate on tis-crypt being “poor man’s quantum” protection Thank you again, Kevin Long ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/intel _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
