Connecting via an HTTP proxy
As stated in the previous recipe, it is not possible to directly connect to an OpenVPN server under certain circumstances. In such cases, OpenVPN can connect to an OpenVPN server via an intermediary host known as a proxy. This recipe will outline how to access an OpenVPN server via an HTTP proxy.
The HTTP proxy used in this recipe is a Linux-based Apache httpd
server with the mod_proxy
module loaded. This module can be configured to allow CONNECT
requests. This type of request is needed to connect to secure web servers (HTTPS) as well as to an OpenVPN server. If the CONNECT
request is not allowed, then the HTTP proxy cannot be used to set up an OpenVPN connection.
Getting ready
We use the following network layout:
Set up the client and server certificates using the first recipe from Chapter 2, Client-server IP-only Networks. For this recipe, the server computer was running CentOS 5 Linux and OpenVPN 2.1.1. The client was running Fedora 13 Linux and OpenVPN 2.1.1...