Update README.md

This commit is contained in:
AJ ONeal 2017-10-30 11:24:29 -06:00
parent af14149a13
commit 4a576da545
1 changed files with 20 additions and 3 deletions

View File

@ -324,6 +324,11 @@ tcp:
- _ssh.example.com # Note: this domain would also listed in tls.acme.domains - _ssh.example.com # Note: this domain would also listed in tls.acme.domains
host: localhost host: localhost
port: 22 port: 22
- type: proxy
domains:
- _vpn.example.com # Note: this domain would also listed in tls.acme.domains
host: localhost
port: 1194
``` ```
_Note_: In same cases network administrators purposefully block ssh and vpn connections using _Note_: In same cases network administrators purposefully block ssh and vpn connections using
@ -351,11 +356,23 @@ Host example.com
There are two strategies that will work well for you: There are two strategies that will work well for you:
1) [Use ssh](https://redfern.me/tunneling-openvpn-through-ssh/) with the config above to reverse proxy tcp port 1194 to you. (`ssh -L 1194:localhost:1194 example.com`) 1) [Use ssh](https://redfern.me/tunneling-openvpn-through-ssh/) with the config above to reverse proxy tcp port 1194 to you.
2) [Use stunnel](https://git.daplie.com/Daplie/node-tunnel-client) ```bash
ssh -L 1194:localhost:1194 example.com
```
3) Use stunnel.js as described in the "tunnel_server" section below 2) [Use stunnel]https://serverfault.com/questions/675553/stunnel-vpn-traffic-and-ensure-it-looks-like-ssl-traffic-on-port-443/681497)
```
[openvpn-over-goldilocks]
client = yes
accept = 127.0.0.1:1194
sni = _vpn.example.com
connect = example.com:443
```
3) [Use stunnel.js](https://git.daplie.com/Daplie/node-tunnel-client) as described in the "tunnel_server" section below.
### tcp.forward ### tcp.forward