Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I bought a Mikrotik a month or two ago, expressly so I could install OpenWRT on it, and use it to get around the Chinese firewall with Shadowsocks. The OpenWRT install never worked, so now I just have a (pretty nice) router, doing what routers are supposed to do. It's long since that OpenVPN didn't work in China, but this should provide a good learning experience, and who knows, maybe it will lead me to something that works.


To get around GFW, use openconnect instead. That is as or more secure than OpenVPN, and not current filtered.


> That is as or more secure than OpenVPN

How does it achieve that? They both use TLS, in both, you can pick your ciphers.

Additionaly, they both use OpenSSL, which is often found buggy and the ciphers are not hw accelerated.


OpenVPN uses its own non-TLS UDP protocol to carry traffic (with an optional TCP fallback), and only uses TLS for connection setup. ref: https://wiki.wireshark.org/OpenVPN


OpenVPN does not support many of the more secure ciphers in TLS, while openconnect does.


Apparently SoftEther works really well for that and the developers have a free VPN service called vpngate. Worth a try? :-)


FWIW I've never had any issues with OpenVPN tunneled over SSH




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: