Linux - How can I circumvent VPN censorship by masking the VPN traffic?
In some countries (like China, Iran, Vietnam), the government utilizes a very restrictive firewall and enforces local ISPs to throttle & block the VPN traffic via Deep Packet Inspection. You can work around that with the help of Obfsproxy by masking the VPN traffic:
Install Python’s pip tool:
sudo apt-get install python2.7 python-pip python-dev build-essential
Install Obfsproxy:
pip install obfsproxy
For Obfsproxy our servers listen to port TCP 5145. Open the .ovpn config file you use to connect with any text editor and adjust line 3 from proto UDP to proto TCP & port-in line 4 from 2049 to 5145. Resolve the server name specified in line 4:
nslookup xx.gw.ivpn.net
and replacexx.gw.ivpn.net
with the IP address from the output.
In the same .ovpn file add the following lines at the bottom:
Socks-proxy-retry socks-proxy 127.0.0.1 1050 route xx.xx.xx.xx 255.255.255.255 yy.yy.yy.yy
Where “xx.xx.xx.xx” - the resolved IP address from the previous step, & “yy.yy.yy.yy” - the IP address of your default gateway, which can be identified by running the following command:
ip route | grep default
Save the changes, start Obfsproxy, and keep this Terminal window open:
sudo obfsproxy obfs3 socks 127.0.0.1:1050
Connect to LimeVPN with the Obfsproxy applied and keep this Terminal window open:
sudo openvpn --config Servername.ovpn
Press Ctrl+c inside each Terminal window to close the OpenVPN and obfsproxy connections when finished.