In the last few years, the governments of several countries have tightened restrictions on their people. Some of those countries include China, India, and even the US in some cases. Whether it is banning an app, restricting usage, or more, you can’t go anywhere without hearing about those types of actions. If you are not aware, one of the easiest and most popular ways to get around them is to connect to a VPN. That may be a great solution, but some countries have cracked down more rigorously on VPN usage. Even though they can’t see the encrypted data, advancements using DPI (deep packet inspection) can detect the usage of OpenVPN encryption because of the port structure. In other words, VPNs typically use a standard port. In the case of China, that can cause some problems.
Since VPNs are illegal there, the government can block your access. After doing so, you should not be surprised if you get a knock at your door from some soldiers that ask you to come with them. Whereas some do not mind taking that risk, others would not. The way to resolve this issue is to change the OpenVPN port so you can hide your VPN traffic. Luckily, there are a few different ways to do that. Those include in-client port forwarding, tunneling, and third party programs. Please keep in mind that if you are still having issues, you will want to contact support for your provider.
Use Obfsproxy
Obfsproxy is a third-party tool designed to add a secondary obfuscation layer to your activities. That makes it very difficult to detect any underlying encryption protocols that you may be using. It works so well, the Tor network uses it to help defeat the Chinese censorship of Tor nodes. That said, you can configure to work with OpenVPN. The downside is that it takes some knowledge to enable the program, and is not as secure as some of the options we are going to list below. However, it does have the benefit of lower overhead because it does not have encryption. If you are in a place where bandwidth is precious and you have some technical know-how, that is a good way of getting around the problem.
Use an SSL Tunnel
SSL stands for Secure Socket Layer. Even though you may have seen it on secure financial websites, you may not know that you can use it as an effective substitute to OpenVPN and will hide the use of it as well. That said, OpenVPN’s version is different and more easily detected. Since China uses DPI techniques, the government can often tell the difference. Using both together may help you solve the issue of staying protected.
Switch from OpenVPN Port 1194 to SSL Port 443
The normal port that OpenVPN uses is port 1194. However, you can forward the port to 443. That is the same protocol that secure websites and transactions with the HTTPS designation use. That said, blocking 443 would wipe out access to the internet and is not an option for web censorship. Unlike other solutions, this one does not require technical knowledge and is almost universally supported by OpenVPN clients. Usually, it is a setting you need to toggle in your VPN client.
Use an SSH Tunnel
While the SSH tunnel works similarly to using OpenVPN through an SSL tunnel, there is a key difference. With this one, the OpenVPN encrypted data is protected inside a layer of Secure Shell (SSH) encryption instead. Of course, that will increase the overhead by quite a bit. This option was built for accessing shell accounts on Unix systems. Because of that, you will typically only see it in the business world, and it is as popular as SSL.
Conclusion
As you can see, we have provided you with some of the best ways to obfuscate your OpenVPN port to hide your web traffic. If you are traveling to a country like China, you will want to have these options in place before you start. Because of their Deep Packet Inspection techniques, they can tell a difference between OpenVPN encrypted data and regular SSL traffic. Sadly, some countries still hold on to old methods of doing things in an attempt to suppress freedoms. You will want to take some extra steps like we mentioned above if you are in one of them because no one wants to go missing after breaking the laws of the government.