Enough servers doing this every few hours is enough to completely defeat the GFW and its clones. VPN Gate is still resistant to attack to the degree that server operators are willing to routinely freshen the network by changing their IP addresses. In actuality, any SSL VPN server will suffice, however SoftEther VPN is the server of choice in this example. Servers change addresses or go offline, and they get blocked by censorship systems. This guide was written in order to assist in setting up HAProxy in PfSense in order to route SSL (443) traffic to either a SoftEther SSL VPN server or a webserver listening on port 443 based on SNI. Be aware that a server list is a perishable resource, going stale after a few days. ![]() Perhaps one could also compile a list of servers by using the client interface and comparing with several others in other locations. ![]() The most thorough listing you can get is by sending visitors to the list from different countries and then compiling a unified master server list, which will still be a subset of all servers. One (or maybe more) of those ports is used to list the Virtual Hubs on the SoftEther server when queried by the client. They do that to prevent an attacker from blacklisting all of the servers at once and thereby blocking access from China and other censoring countries. A visitor to the VPN Gate server listing page is only shown a subset of the available servers, though other servers are online.
0 Comments
Leave a Reply. |