- TS TS
- #61
Last edited by a moderator:
- Status
Shiro Yuki
Addict
Mababawasan narin yung benta ng sim ng globe 
Last edited by a moderator:
May way
please read
Quote: "A new internet traffic monitoring technology known as Deep Packet Inspection (DPI) has been proven to successfully block OpenVPN traffic regardless of the port used being 80, 443 or even 53. To sum up: everyone who uses the internet needs to be aware of Deep Packet Inspection. DPI is a next-generation technology capable of inspecting every byte of every traffic packet that passes through a DPI device, that means packet headers, types of applications and actual packet content in real time which were previously impossible to do using advanced proxies, or stateful firewalls systems.
There are now many Deep Packet Inspection products that can tell that you are trying to use OpenVPN over port 443 instead of normal HTTPS and drop the traffic. For example if your OpenVPN connection works for a few seconds or minutes and then stops when the cause is not server related then there is the possibility that your ISP is using DPI. OpenVPN does not "hide" itself from firewalls, modern firewalls with deep packet inspection can easily see that it's OpenVPN traffic flowing over the port instead of real HTTPS traffic. It is important to understand that OpenVPN doesn't use the SSL wire protocol directly, like the majority of SSL applications does. All SSL packets are encapsulated within a kind of an OpenVPN container, which is why some deep packet inspection firewalls might not allow OpenVPN traffic. So a DPI device can correctly identify OpenVPN packet and block it because OpenVPN traffic is different from real HTTPS traffic.
One possible solution is to tunnel OpenVPN traffic over a HTTPS tunnel. Using this method, many users on networks using DPI have been able to bypass it. The method works in most cases because the OpenVPN traffic which is tunneled over HTTPS is recognized by the DPI device as being “True HTTPS” traffic thereby allowing it to bypass. OpenVPN over SSL tunneling can be extremely useful for users who are behind strong firewalls/proxy/DPI devices/countries which only allow real HTTPS traffic on TCP port 443."
please read
Quote: "A new internet traffic monitoring technology known as Deep Packet Inspection (DPI) has been proven to successfully block OpenVPN traffic regardless of the port used being 80, 443 or even 53. To sum up: everyone who uses the internet needs to be aware of Deep Packet Inspection. DPI is a next-generation technology capable of inspecting every byte of every traffic packet that passes through a DPI device, that means packet headers, types of applications and actual packet content in real time which were previously impossible to do using advanced proxies, or stateful firewalls systems.
There are now many Deep Packet Inspection products that can tell that you are trying to use OpenVPN over port 443 instead of normal HTTPS and drop the traffic. For example if your OpenVPN connection works for a few seconds or minutes and then stops when the cause is not server related then there is the possibility that your ISP is using DPI. OpenVPN does not "hide" itself from firewalls, modern firewalls with deep packet inspection can easily see that it's OpenVPN traffic flowing over the port instead of real HTTPS traffic. It is important to understand that OpenVPN doesn't use the SSL wire protocol directly, like the majority of SSL applications does. All SSL packets are encapsulated within a kind of an OpenVPN container, which is why some deep packet inspection firewalls might not allow OpenVPN traffic. So a DPI device can correctly identify OpenVPN packet and block it because OpenVPN traffic is different from real HTTPS traffic.
One possible solution is to tunnel OpenVPN traffic over a HTTPS tunnel. Using this method, many users on networks using DPI have been able to bypass it. The method works in most cases because the OpenVPN traffic which is tunneled over HTTPS is recognized by the DPI device as being “True HTTPS” traffic thereby allowing it to bypass. OpenVPN over SSL tunneling can be extremely useful for users who are behind strong firewalls/proxy/DPI devices/countries which only allow real HTTPS traffic on TCP port 443."
panttyliner
Eternal Poster
Sa matatabang utak jan tnx in advance sa pag hanap ng butas kay globe
- TS TS
- #68
Haha ikaw naman master dinagdagan mo pa ang mga theorya hihiKino confuse lang kayu ng ts..
kanina lang yan nag reg ditu,
taha globe yan..
kabado lang, malapit na ma bypas gs nila.. dinadaan pa Sa udp idp edp pdp mdp ... Ewan..
mabalay _25
Honorary Poster
Ok thanks sa info
- TS TS
- #70
Sounds family.. Haha
panttyliner
Eternal Poster
K
Buti hindi sinali ang IUD..HUH huKino confuse lang kayu ng ts..
kanina lang yan nag reg ditu,
taha globe yan..
kabado lang, malapit na ma bypas gs nila.. dinadaan pa Sa udp idp edp pdp mdp ... Ewan..
pag aralan nyo guys baka may makabutas, ng firewall nila
One possible solution is to tunnel OpenVPN traffic over a HTTPS tunnel. Using this method, many users on networks using DPI have been able to bypass it. The method works in most cases because the OpenVPN traffic which is tunneled over HTTPS is recognized by the DPI device as being “True HTTPS” traffic thereby allowing it to bypass. OpenVPN over SSL tunneling can be extremely useful for users who are behind strong firewalls/proxy/DPI devices/countries which only allow real HTTPS traffic on TCP port 443."
1). OpenVPN over SSL
The so called "OpenVPN over SSL" method is established in combination with You do not have permission to view the full content of this post. Log in or register now. software and is setup on all VPN countries by default! This method is only possible over TCP protocol, hence the peformance will be even slower than the "normal" TCP, but the point is to bypass DPI and not to win a performance contest.
How to:
1. Inside members area click on "I need a :443 IP" (remember that this method only works on TCP, so speed will be slower). In the next page click on "Yes, I want a OpenVPN over SSL TCP IP.."
2. As next edit your OpenVPN config file ("YourUsername.ovpn") with a text edtor, the remote & proto paramaters must be like below, save the config when finished editing:
proto tcp
remote 127.0.0.1 1194
*2.1* Alternatively and easier, simply re-download your config file from the members area now, it will contain the adjusted correct details.
3. If not already done, go ahead and install "stunnel" now, pick your version: You do not have permission to view the full content of this post. Log in or register now.
4. We need to do some changes in the stunnel config file, start stunnel and right click its icon located in the taskbar, click on "Edit Configuration" and place following at the bottom:
[openvpn-over-ssl]
client = yes
accept = 127.0.0.1:1194
connect = uXXXXX.nvpn.so:443
(the connect hostname you find in the OpenVPN config file ("YourUsername.ovpn") it looks like uXXXXX.nvpn.so)
*4.1* Incase you dont want to edit the file yourself, or have troubles doing so, click on this link to automatically generate it on the fly for you: You do not have permission to view the full content of this post. Log in or register now.
After clicking the link (its possible you need to log in first) and inside the members area you will then find a Download link for your "stunnel.conf" file!
5. IMPORTANT: After editing the stunnel config it needs to be reloaded to get activated, right click on the stunnel icon again and click on "Reload stunnel.conf"
6. To verify your data flow you can activate the "Show Log window"
7. Thats it, now you can connect with OpenVPN!
Conclusion is that OpenVPN will now connect locally to stunnel first and stunnel redirects the traffic to the VPN server, thus making it an OpenVPN over SSL connection which is sufficient to bypass DPI in almost all known cases.
One possible solution is to tunnel OpenVPN traffic over a HTTPS tunnel. Using this method, many users on networks using DPI have been able to bypass it. The method works in most cases because the OpenVPN traffic which is tunneled over HTTPS is recognized by the DPI device as being “True HTTPS” traffic thereby allowing it to bypass. OpenVPN over SSL tunneling can be extremely useful for users who are behind strong firewalls/proxy/DPI devices/countries which only allow real HTTPS traffic on TCP port 443."
1). OpenVPN over SSL
The so called "OpenVPN over SSL" method is established in combination with You do not have permission to view the full content of this post. Log in or register now. software and is setup on all VPN countries by default! This method is only possible over TCP protocol, hence the peformance will be even slower than the "normal" TCP, but the point is to bypass DPI and not to win a performance contest.
How to:
1. Inside members area click on "I need a :443 IP" (remember that this method only works on TCP, so speed will be slower). In the next page click on "Yes, I want a OpenVPN over SSL TCP IP.."
2. As next edit your OpenVPN config file ("YourUsername.ovpn") with a text edtor, the remote & proto paramaters must be like below, save the config when finished editing:
proto tcp
remote 127.0.0.1 1194
*2.1* Alternatively and easier, simply re-download your config file from the members area now, it will contain the adjusted correct details.
3. If not already done, go ahead and install "stunnel" now, pick your version: You do not have permission to view the full content of this post. Log in or register now.
4. We need to do some changes in the stunnel config file, start stunnel and right click its icon located in the taskbar, click on "Edit Configuration" and place following at the bottom:
[openvpn-over-ssl]
client = yes
accept = 127.0.0.1:1194
connect = uXXXXX.nvpn.so:443
(the connect hostname you find in the OpenVPN config file ("YourUsername.ovpn") it looks like uXXXXX.nvpn.so)
*4.1* Incase you dont want to edit the file yourself, or have troubles doing so, click on this link to automatically generate it on the fly for you: You do not have permission to view the full content of this post. Log in or register now.
After clicking the link (its possible you need to log in first) and inside the members area you will then find a Download link for your "stunnel.conf" file!
5. IMPORTANT: After editing the stunnel config it needs to be reloaded to get activated, right click on the stunnel icon again and click on "Reload stunnel.conf"
6. To verify your data flow you can activate the "Show Log window"
7. Thats it, now you can connect with OpenVPN!
Conclusion is that OpenVPN will now connect locally to stunnel first and stunnel redirects the traffic to the VPN server, thus making it an OpenVPN over SSL connection which is sufficient to bypass DPI in almost all known cases.
- TS TS
- #75
Madaming hops, baka gapang na speed niyan.
possible ganun nga mangyari
panttyliner
Eternal Poster
Thats right baby..
jasoncool54
Honorary Poster
Thank You po ng madame sa info. Now I know na kung bakit ganun.
i agree boss...................Yan din ang Hinala ko, but to think na proxy-based PA rin yung mga nakatay eh mahirapan akong ikonclude na DPI nga.. Kung Skyvpn Ang nakatay baka maniwala PA ako hehe
Hula ko Lang naman yan TS
PHC-Batugan
Forum Veteran
for me. hindi naman na bblock. ang nangyayari yung free 20Mb is equal to 5Mb nalang binawasan nila. so yung madalaa na gamitin payload mga google payload ayun yung mga na trace.
- Status
Similar threads
-
Special Person sa Buhay Natin
- Started by maginoong_lapastangan
- Replies: 4
-
-
The Second Time I Got scammed By PHC Elite Member (Rant)
- Started by MisterVoxel
- Replies: 22
Popular Tags
.ehi
apn
bug
config
ehi
ehi !
fast
fb10
freenet
funaliw
globe
globe & tm
globe and tm
globe and tm sim
globe switch
globe tm
goshare
gowatch
gtm
gtm no load
gtm noload
hpi
http
http custom
http injector
hunt
injector
ip
ip hunt
iphunt
load
mgc
ml10
no blocking
no load
noload
ovpn
payload
ph server
postern
promo
proxy
prx
sg server
shadowsocks
skyvpn
tm
update
vpn
wnp