Route OpenVPN through stunnel

Hello, I am often travelling to countries with DPI firewalls. In most cases I use a stunnel configuration to obfuscate my OpenVPN traffic through an SSL tunnel.

I would like to know what would be the best way to put the right routes into my AXT1800 router. I have successfully set up the stunnel configuration from LuCI. I can connect the OpenVPN tunnel from the GL.iNet frontend through the stunnel proxy using its local address and port configured in stunnel. In order to keep the connection up, I would then need to set up a route which tells the router not to route the initial IP of the stunnel / proxy gateway through the VPN but directly through the internet gateway, otherwise the VPN would stop working. What's the best way to put this route, and where?

Example:
Router IP: 10.10.1.1
Stunnel / Proxy IP: 10.10.2.1 as destination and 127.0.0.1:6666 as local recipient
OpenVPN: Configured to connect through stunnel / proxy with 127.0.0.1:6666 as destination
After establishing the VPN, the proxy IP 10.10.2.1 should not be routed through the VPN, otherwise the proxy will end up in a reconnect loop

Are there any other rules / routes required to have this setup working properly on the GL.iNet router?

Thank you!


In the VPN policy, you can set the stunnel client 127.0.0.1:6666 to not be routed through the VPN, as:

image

The policy-based routing just seems to touch client-related connections - the router itself ignores those policies and still connects those domains through the VPN. Setting a static route only temporarily solves the issue, as after a while it seems to ignore the set static routes. Any idea?

Would a cronjob kicking off a script to ‘refresh’/re-establish the static route not alleviate it? Perhaps some sort of watchdog script on the route, looping every n mins/secs, would do it.
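
The watchdog idea above, sketched as an added example that is not part of any post in this thread: a POSIX sh script that checks which interface the router itself would use to reach the stunnel server and re-pins the host route when it has drifted onto the VPN. `STUNNEL_IP` is the example address from the first post; `WAN_DEV`, `WAN_GW`, the script path and the log tag are assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example: keep the stunnel server reachable outside the VPN.
STUNNEL_IP="10.10.2.1"   # stunnel server address from the thread's example
WAN_DEV="eth0"           # assumption: name of the WAN interface
WAN_GW="192.0.2.1"       # placeholder: upstream (non-VPN) gateway address

# Print the egress interface named in `ip route get` output.
# $1: text such as "10.10.2.1 via 192.0.2.1 dev eth0 src 192.0.2.10 uid 0"
egress_dev() {
    set -- $1                      # split the output into words
    while [ $# -gt 1 ]; do
        if [ "$1" = "dev" ]; then
            echo "$2"
            return 0
        fi
        shift
    done
    return 1                       # no "dev" token: no usable route
}

# Return 0 when the route is missing or leaves through anything other than
# the WAN interface (for example tun0); return 1 when it is already correct.
route_needs_fix() {
    dev=$(egress_dev "$1") || return 0
    [ "$dev" != "$WAN_DEV" ]
}

# Ask the kernel how the router itself would reach the stunnel server and
# re-install the /32 host route through the WAN gateway if needed.
check_and_fix() {
    current=$(ip -4 route get "$STUNNEL_IP" 2>/dev/null)
    if route_needs_fix "$current"; then
        logger -t stunnel-route "route to $STUNNEL_IP was '$current', pinning to $WAN_DEV"
        ip -4 route replace "$STUNNEL_IP/32" via "$WAN_GW" dev "$WAN_DEV"
    fi
}

# Touch the routing table only when asked to, e.g. from cron:
#   * * * * * /root/stunnel-route.sh --apply      (path is an assumption)
if [ "${1:-}" = "--apply" ]; then
    check_and_fix
fi
```

Each repair is written to the system log, so `logread` shows how often the route is being lost and what replaced it. OpenVPN's own `route 10.10.2.1 255.255.255.255 net_gateway` directive in the client configuration is another way to install the same host route at connect time.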

Even I want to set up stunnel. Badly. How did you do this? If there is a tutorial, any link, that would really help me.