Many administrators will have detection technologies such as IDS/IPS to detect and prevent open VPN connections. One method to get around this is levering stunnel. Stunnel creates secure communication between a TCP client and server by hiding inside another SSL envelope. This is done by acting like an SSL encryption wrapper between the remote client and server using industry-standard crypto libraries such as OpenSSL. What makes stunnel cool is it adds SSL functionality to commonly used daemons like POP2, POP3, and IMAP servers without any changes in the program's code.
To use stunnel, you first need to download the code using the apt-get install stunnel4 –y
command as shown in the following screenshot:
You may get a message that the latest version of stunnel is already installed.
You will need to create a file called stunnel.conf
inside the /etc/stunnel/
directory. You can use your favorite text editor such as nano or vi
to create the file.
The following will be configured and entered...