ahududu wrote: ↑
Thu Dec 06, 2018 8:59 pm
*What is the advantages and disadvantages of use OpenVPN with proxy? I mean security, privacy, etc.
Advantages: your ISP will think you're just websurfing (unless they have a layer 7 deep packet inspection solution, like this one
for example). Also it works even if there's a firewall which blocks OpenVPN port 1194 but not http proxy (usually port 8080).
Disadvantages: serious performance degradation. (But in case of a blocking firewall, slow is much better than nothing
I'd also like to point out that http proxy could use a user/password authentication and one would think that adds extra security. Actually it's quite the opposite, as basic http auth is breakable to cleartext literally in no time, and knowing credentials can help an attacker to guess your other user/pass combos (you would be surpised how many people are using the same user/pass on different servers and sites).
**What does exactly makes Proxy setting on OpenVPN connection? I mean what is the role of Proxy in this scenario?
Normally OpenVPN connects directly to the server. That means UDP/TCP packets sent to port 1194 (by default). With proxy, that communication is wrapped in a HTTP protocol, meaning OpenVPN will send http packets to the proxy, and the proxy will connect to the vpn server.
***How can i test the connection in this scenario? I mean i am connecting with Italy OVPN TCP file and writing Sweden Proxy servers to the Proxy section.
Use netstat on your local machine. Without proxy, you should see connections to the vpn server port 1194 (or whatever port your vpn server is using). With proxy, you'll only see connections to the proxy server on port 8080 (or whatever port the proxy is using).
Alternatively you could use "lsof | grep openvpn" to list open connections.
When i check my IP, it is Italy IP. But what is doing Sweden Proxy in this scenario?
If you have set up everything correctly, you won't see any Swedish IP, because proxy is used to carry the packets which implements the tunnel itself, and your normal traffic will be routed INSIDE the tunnel.