On 06.05.19 16:57, Jan Just Keijser wrote: > Hi Michael, > > On 06/05/19 15:18, mich...@fritscher.net wrote: >> Hello, >> >> is there a way to use OpenVPN without a TUN/TAP device? E.g. by having >> a SOCKS server, accept & forward connections to localhost - or even >> plain stdin/out? >> For the first one I've seen >> https://community.openvpn.net/openvpn/ticket/577 . >> >> This would be very nice because this way, OpenVPN could be used >> without admin privileges and in some scenarious where a virtual >> network device isn't desired. >> As a very crude workaround I'm using qemu with its SLIRP network in >> usermode, which is slow with Windows as host, even with haxm or MS >> Hyper-V Plattform (aka WHPX). >> > this question has been asked before. The short answer is: no, this is > not possible > The longer answer is: no, this is actually very hard and you would > never be able to get functionality working without a tun/tap device > > The more elaborate answer is: I am not sure what would be feasible > without a tun/tap device, and esp wihtout admin privileges - openvpn is > about routing network traffic and for that you almost always should (and > will) need some form of admin privileges. > What *could* work is the same kind of stuff that works over a SOCKS > proxy - but then why bother with OpenVPN, as a lot of software can be > made to use SOCKS. What is *very* hard to get right is UDP traffic - > look for a working UDP-over-SOCKS implementation to see why. > > HTH, > > JJK >
Hello Jan, thanks for your answer! My usecase is to use the whole "backend" of OpenVPN (crypto, authentification, key management, control/data channel management, adaptive compression etc.) for a set of self-made applications. I could adapt the applications to every kind of connection which is needed to "speak" with OpenVPN. So, the diagram would be something like <self made Programs>-(*)-<openVPN>----"Internet" and the other way around. The missing link is (*) - as I said it could be almost everything (while I'm preferring something at least packet orientated...). If this interface can only handle one connection - ok for me, then I'll build a combiner. If would speak e.g. SLI(R)P - ok for me as well. Best regards, Michael Fritscher _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
