Which is ridiculous because OpenVPN is trivial to identify, even when over TCP, since it's different from "regular" HTTPS/SSL traffic.
Why they chose this I have no idea.
You can even port share.
443 -> Web server for HTTPS traffic
443 -> OpenVPN for OpenVPN traffic
Still trivial to identify and not uncommon for even public WiFi to do so.
Since I changed to Tailscale+Headscale with my own DERP server all these issues have disappeared (for now).
It’s basically the same as the UDP mode, except wrapped into TCP. Presumably because that’s simpler than redesigning it from the ground up for TCP.
So the handshake and such will not look like a normal TLS handshake.
SoftEther works over "regular" TLS at least, you can even reverse-proxy it.
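
The difference the comments above describe (OpenVPN's TCP mode carries its UDP packet format behind a length prefix, so the stream does not open with a TLS handshake) can be seen in the first client bytes. The following Python check is an added example, not part of the thread; the function name and the sample byte strings are constructed for illustration, and it looks only at the first client packet.

```python
import struct

# OpenVPN opcodes that open a session. The opcode is the high 5 bits of the
# first payload byte; the key_id is the low 3 bits.
OPENVPN_RESET_OPCODES = {
    7: "P_CONTROL_HARD_RESET_CLIENT_V2",
    10: "P_CONTROL_HARD_RESET_CLIENT_V3",
}

def classify_first_bytes(data: bytes) -> str:
    """Classify the first client bytes of a TCP stream seen on port 443."""
    if len(data) < 6:
        return "unknown (too short)"
    # TLS record header: type 0x16 (handshake), version 0x03 0x0X, 2-byte
    # length, then handshake type 0x01 (ClientHello).
    if data[0] == 0x16 and data[1] == 0x03 and data[2] <= 0x04 and data[5] == 0x01:
        return "tls-client-hello"
    # OpenVPN over TCP: 2-byte big-endian packet length, followed by the same
    # packet it would send over UDP, starting with the opcode/key_id byte.
    (pkt_len,) = struct.unpack(">H", data[:2])
    opcode, key_id = data[2] >> 3, data[2] & 0x07
    # A reset without tls-auth is 14 bytes: opcode, 8-byte session id,
    # ack count, 4-byte packet id. The first key_id of a session is 0.
    if opcode in OPENVPN_RESET_OPCODES and key_id == 0 and 14 <= pkt_len <= 1500:
        return "openvpn-tcp (" + OPENVPN_RESET_OPCODES[opcode] + ")"
    return "unknown"

# Constructed samples (not captured traffic).
TLS_SAMPLE = bytes.fromhex("16030100c8010000c40303")
OPENVPN_SAMPLE = bytes.fromhex("000e38" + "1122334455667788" + "00" + "00000000")
SSH_SAMPLE = b"SSH-2.0-OpenSSH_9.6\r\n"

if __name__ == "__main__":
    for name, sample in [("tls", TLS_SAMPLE), ("openvpn", OPENVPN_SAMPLE),
                         ("ssh", SSH_SAMPLE)]:
        print(name, "->", classify_first_bytes(sample))
```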