StreisandEffect / streisand

Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
https://twitter.com/streisandvpn
Other
23.19k stars 1.99k forks source link

Using only stunnel+openvpn yields 'Bad encapsulated packet length from peer' #962

Closed describe19 closed 6 years ago

describe19 commented 7 years ago

I'm attempting to connect via Tunnelblick on OSX

Expected behavior:

Make TCP connection->server response->get configuration->connected

Actual Behavior:

Make TCP connection->waiting for server response LOOPS Have error: WARNING: Bad encapsulated packet length from peer (10784), which must be > 0 and <= 1575 Direct OpenVPN appears to work ok (although i get 'DNS appears to be not working' from tunnelblick)

Steps to Reproduce:

What I have done

  1. Run streisand, set up new DigitalOcean server, select no to everything except OpenVPN and stunnel
  2. Follow install instructions for OpenVPN+stunnel on OSX

Ansible Information

Streisand Information

Enabled Roles

Additional Details:

Log output from Ansible or other relevant services (link to Gist for longer output):

Target Cloud Provider:
Operating System of target host:
Operating System of client:
Version of Ansible, using ansible --version :
Output from git rev-parse HEAD in your Streisand directory :
alimakki commented 7 years ago

@describe19 Could you let me know what data center on Digital Ocean did you spin your server up on?

describe19 commented 7 years ago

Sorry for the late reply - singapore

baimafeima commented 6 years ago

@describe19 Could you tell me how to change the "enabled roles", that is, how to disable some services? Do you do this for security reasons? I have a similar question at #1137 If you don't need one of the services and they are kept enabled, is there a greater risk for them to be discovered? Many thanks for your support.

alimakki commented 6 years ago

@baimafeima to pick and choose which vpn services are installed, when running the ./streisand script, you will be present with question if you want to customize the install, choose yes. you will be prompted with several yes/no questions to enable/disable vpns during install.

cpu commented 6 years ago

I think this issue has become stale enough that forward progress is unlikely. I'm going to close this issue for now. Please comment if you are still affected running the latest code in master and are able to coordinate with us on debugging. Thanks!