How to use obfsproxy with openvpn web access server ?

December 5, 2015 4.4k views
VPN Networking Ubuntu

How to use obfsproxy with openvpn web access server ?
Hello i am a bit newbie to this community. I want to setup a VPN that workd in china. In china openVPN handshakes are being blocked, people are using obfsproxy to cloak their traffic and bypass restriction.
I have installed web access server from open VPN. I followed below steps but after rebooting my server hangs i tired turning power off and on still does not work. Here is what i did.

create a new droplet

Droplet Name: VPN
IP Address: 104.236.130.91
Username: root
Password: eae71a3fb42d0266

Changed password
apt-get update
wget http://swupdate.openvpn.org/as/openvpn-as-2.0.21-Ubuntu14.amd_64.deb
dpkg -i op Press TAB

passwd openvpn
Mynew password for open vpn
password will be updated sucessfully.
ovpn-init
DELETE
yes
KEEP ON CLICKING ENTER ENTER
all interfaces or 1
Login to web interface.
go to Server Network Settings change protocol to tcp on 443
Obfs proxy -> http://safesrv.net/setup-openvpn-with-obfsproxy-on-ubuntu/
sudo nano /etc/apt/sources.list
my version is Ubuntu 14.04 LTS (Trusty Tahr)
deb http://deb.torproject.org/torproject.org trusty main
ctrl+x and save as same name
gpg --keyserver keys.gnupg.net --recv 886DDD89
apt-get update
apt-get install deb.torproject.org-keyring
apt-get install obfsproxy
sudo nano /etc/rc.local
add line below this above to exit 0 line.
obfsproxy --log-file=obfsproxy.log --log-min-severity=info obfs2 --dest=127.0.0.1:443 server 0.0.0.0:21194
reboot my machine freezes here :(

1 comment
  • don't put the line to start the obfsproxy server into /etc/rc.local until you know it works
    instead do it manually, and specify --log-min-severity=debug
    and you should have it as
    server 104.236.130.91:21194

    assume you mean server side
    (obfsproxy is listening on 21194)
    (openvpn tcp is listening on 443)

    This might help
    https://scramblevpn.wordpress.com/2015/01/10/obfsproxy-server/

    =============================================================

    =============================================

    nano /usr/local/bin/server_scramblesuit.sh

    #!/bin/bash
    # Persistent data (the server's state) is stored in
    # /tmp/scramblesuit-server
    python /usr/local/bin/obfsproxy \
    --no-log \
    --data-dir=/tmp/scramblesuit-server \
    scramblesuit \
    --password=JNI3LYK2VZM3UY37WEALJQ442VFYX6ZS \
    --dest 127.0.0.1:443 \
    server 104.236.184.252:53
    

    chmod +x /usr/local/bin/serverscramblesuit.sh
    /usr/local/bin/server
    scramblesuit.sh &

    ################################################

    sudo nano /usr/local/bin/clientdoscramblesuit.sh

    #!/bin/bash
    # The obfsproxy client's session ticket is stored in
    # /tmp/scramblesuit-client
    
    python /usr/local/bin/obfsproxy \
    --log-min-severity=debug \
    --data-dir=/tmp/scramblesuit-client \
    scramblesuit \
    --password=JNI3LYK2VZM3UY37WEALJQ442VFYX6ZS \
    --dest 104.236.184.252:53 \
    client 10.0.0.10:1196 
    

    sudo chmod +x /usr/local/bin/clientdoscramblesuit.sh
    sudo /usr/local/bin/clientdoscramblesuit.sh &

    Modify Client script to connect to Raspberry PI at 10.0.0.10 1196 tcp

    setenv FORWARD_COMPATIBLE 1
    client
    server-poll-timeout 4
    nobind

    remote 104.236.184.252 1194 udp remote 104.236.184.252 1194 udp remote 104.236.184.252 443 tcp remote 104.236.184.252 1194 udp remote 104.236.184.252 1194 udp remote 104.236.184.252 1194 udp remote 104.236.184.252 1194 udp remote 104.236.184.252 1194 udp

    remote 10.0.0.10 1196 tcp
    dev tun

1 Answer

don't put the text into /etc/rc.local until you know it works

instead do it manually and specify
--log-min-severity=debug
also its
server 104.236.130.91:21194

this might help
https://scramblevpn.wordpress.com/2015/01/10/obfsproxy-server/

I can confirm openvpn-AS works fine on digitalocean with scramblesuit obfsproxy

Have another answer? Share your knowledge.