Unable to create seemingly simple stunnel configuration
I have a computer at work that is behind a firewall with an internal IP address of 192.168.12.13... the firewall maps ports 40000 - 40019 to matching ports on this local machine. (e.g. 40000 - 40000, 40001 - 40001, etc...) And, let's define the external IP as 12.34.56.78.
I want to set up my home computer to connect to this work computer.
Work computer stunnel.config:
[brianserver]
client = no
accept = 127.0.0.1:40020
connect = 192.168.12.13:40000
ciphers = PSK
PSKsecrets = psk1.txt
Home computer stunnel.config:
[brianclient]
client = yes
accept = 127.0.0.1:40020
connect = 12.34.56.78:40000
PSKsecrets = psk1.txt
I am using a product called "Hercules SETUP utility" to listen on the work machine:
And, I am using "Hercules SETUP utility" to initiate a connection from the home machine:
As you can see I am getting a connection refused message.
Home computer stunnel.log: (these messages occurred during connection attempt)
2019.04.10 23:36:09 LOG7[main]: Found 1 ready file descriptor(s)
2019.04.10 23:36:09 LOG7[main]: FD=616 ifds=r-x ofds = ---
2019.04.10 23:36:09 LOG7[main]: FD=624 ifds=r-x ofds = ---
2019.04.10 23:36:09 LOG7[main]: Service[brianclient] accepted(FD= 768) from 127.0.0.1:56795
2019.04.10 23:36:09 LOG7[main]: Creating a new thread
2019.04.10 23:36:09 LOG7[main]: New thread created
2019.04.10 23:36:09 LOG7[2]: Service[brianclient] started
2019.04.10 23:36:09 LOG7[2]: Setting local socket options(FD= 768)
2019.04.10 23:36:09 LOG7[2]: Option TCP_NODELAY set on local socket
2019.04.10 23:36:09 LOG5[2]: Service[brianclient] accepted connection from 127.0.0.1:56795
2019.04.10 23:36:09 LOG6[2]: s_connect: connecting 12.34.56.78:40000
2019.04.10 23:36:09 LOG7[2]: s_connect: s_poll_wait 12.34.56.78:40000: waiting 10 seconds
2019.04.10 23:36:10 LOG3[2]: s_connect: connect 12.34.56.78:40000: Connection refused(WSAECONNREFUSED) (10061)
2019.04.10 23:36:10 LOG3[2]: No more addresses to connect
2019.04.10 23:36:10 LOG5[2]: Connection reset: 0 byte (s) sent to TLS, 0 byte (s) sent to socket
2019.04.10 23:36:10 LOG7[2]: Local descriptor(FD= 768) closed
2019.04.10 23:36:10 LOG7[2]: Service[brianclient] finished(0 left)
Work computer stunnel.log: (ran at startup... no messages on connection attempt)
2019.04.10 21:24:55 LOG7[main]: Running on Windows 6.2
2019.04.10 21:24:55 LOG7[main]: No limit detected for the number of clients
2019.04.10 21:24:55 LOG5[main]: stunnel 5.51 on x64-pc-mingw32-gnu platform
2019.04.10 21:24:55 LOG5[main]: Compiled/running with OpenSSL 1.1.1b 26 Feb 2019
2019.04.10 21:24:55 LOG5[main]: Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,OCSP,PSK,SNI
2019.04.10 21:24:55 LOG7[main]: errno: (* _errno())
2019.04.10 21:24:55 LOG7[service]: GUI message loop initialized
2019.04.10 21:24:55 LOG7[main]: Running on Windows 6.2
2019.04.10 21:24:55 LOG5[main]: Reading configuration from file stunnel.conf
2019.04.10 21:24:55 LOG5[main]: UTF-8 byte order mark detected
2019.04.10 21:24:55 LOG7[main]: Compression disabled
2019.04.10 21:24:55 LOG7[main]: No PRNG seeding was required
2019.04.10 21:24:55 LOG6[main]: Initializing service[brianserver]
2019.04.10 21:24:55 LOG6[main]: PSK identities: 1 retrieved
2019.04.10 21:24:55 LOG7[main]: Ciphers: HIGH:!aNULL:!SSLv2:!DH:!kDHEPSK
2019.04.10 21:24:55 LOG7[main]: TLSv1.3 ciphersuites: TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256
2019.04.10 21:24:55 LOG7[main]: TLS options: 0x02100004 (+0x00000000, -0x00000000)
2019.04.10 21:24:55 LOG7[main]: No certificate or private key specified
2019.04.10 21:24:55 LOG6[main]: DH initialization not needed
2019.04.10 21:24:55 LOG7[main]: ECDH initialization
2019.04.10 21:24:55 LOG7[main]: ECDH initialized with curves X25519:P-256:X448:P-521:P-384
2019.04.10 21:24:55 LOG5[main]: Configuration successful
2019.04.10 21:24:55 LOG7[main]: Binding service[brianserver]
2019.04.10 21:24:55 LOG7[main]: Listening file descriptor created(FD= 716)
2019.04.10 21:24:55 LOG7[main]: Setting accept socket options(FD= 716)
2019.04.10 21:24:55 LOG7[main]: Option SO_EXCLUSIVEADDRUSE set on accept socket
2019.04.10 21:24:55 LOG6[main]: Service[brianserver] (FD=716) bound to 127.0.0.1:40020
2019.04.10 21:24:55 LOG7[cron]: Cron thread initialized
2019.04.10 21:25:55 LOG6[cron]: Executing cron jobs
2019.04.10 21:25:55 LOG6[cron]: Cron jobs completed in 0 seconds
2019.04.10 21:25:55 LOG7[cron]: Waiting 86400 seconds
Also, psk1.txt has matching content:
brianskey:a3...6r
Also, on work computer:
C:\Program Files (x86)\stunnel\bin>netstat -ano|findstr 40020
TCP 0.0.0.0:40020 0.0.0.0:0 LISTENING 71888
TCP 127.0.0.1:40020 0.0.0.0:0 LISTENING 34728
Note: the line with "0.0.0.0:40020" shows up after I start the Hercules listener.
asked Apr 11 at 10:15 by Brian Rice (edited yesterday)
Don't know if that solves the problem, but the stunnel PSK example has a line
ciphers = PSK
in the server config.
– Freddy
2 days ago
I had hopes... but still the same behavior.
– Brian Rice
yesterday
1 Answer
Accept tells stunnel to listen on that port. Connect tells stunnel to open a connection to that port. You are having both computers listen on localhost:40020 (which is local loopback) and try to initiate a connection externally. You want your work computer (server) to listen on 192.168.12.13:40000 and then tunnel the connection to 127.0.0.1 40020 and have your remote computer connect to your 12.34.56.78:40000 address and listen locally on 40020 (127.0.0.1:40020). That will tunnel your port 40020 on your home computer to the 40020 port on your work computer.
[brianserver]
client = no
accept = 192.168.12.13:40000
connect = 127.0.0.1:40020
ciphers = PSK
PSKsecrets = psk1.txt
[brianclient]
client = yes
accept = 127.0.0.1:40020
connect = 12.34.56.78:40000
PSKsecrets = psk1.txt
answered 4 hours ago by Henry Curley (edited 4 hours ago)
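The accept/connect chain described in the answer, as an added example that is not part of the original posts: a Python check that follows the home client's connect address through the firewall's port forward to the work server's accept address. The NAT table, the function names and the finding codes are constructed for illustration; it assumes one service section per config and IPv4 addresses.

```python
import configparser

# Constructed from the question: the firewall forwards 12.34.56.78:40000-40019
# to the same ports on the work computer, 192.168.12.13.
NAT = {("12.34.56.78", p): ("192.168.12.13", p) for p in range(40000, 40020)}

CLIENT = """
[brianclient]
client = yes
accept = 127.0.0.1:40020
connect = 12.34.56.78:40000
PSKsecrets = psk1.txt
"""

QUESTION_SERVER = """
[brianserver]
client = no
accept = 127.0.0.1:40020
connect = 192.168.12.13:40000
ciphers = PSK
PSKsecrets = psk1.txt
"""

ANSWER_SERVER = """
[brianserver]
client = no
accept = 192.168.12.13:40000
connect = 127.0.0.1:40020
ciphers = PSK
PSKsecrets = psk1.txt
"""


def parse_service(text):
    """Return (section name, options) for a config holding one service section."""
    cp = configparser.ConfigParser(interpolation=None)  # lowercases option names
    cp.read_string(text)
    name = cp.sections()[0]
    return name, dict(cp[name])


def endpoint(value, default_host):
    """Split stunnel's [host:]port form into (host, port); IPv4/hostnames only."""
    host, _, port = value.strip().rpartition(":")
    return (host or default_host, int(port))


def fmt(ep):
    return f"{ep[0]}:{ep[1]}"


def check_tunnel(client_text, server_text, nat):
    """Follow client connect -> port forward -> server accept; return [(code, message)]."""
    findings = []
    cname, c = parse_service(client_text)
    sname, s = parse_service(server_text)

    if c.get("client", "no").lower() != "yes":
        findings.append(("ROLE", f"[{cname}] needs client = yes"))
    if s.get("client", "no").lower() == "yes":
        findings.append(("ROLE", f"[{sname}] must not be in client mode"))
    for name, opts in ((cname, c), (sname, s)):
        if "psksecrets" not in opts:
            findings.append(("NO_PSK", f"[{name}] has no PSKsecrets line"))

    dial = endpoint(c["connect"], "127.0.0.1")  # where the client sends TLS
    landed = nat.get(dial)                      # where the firewall delivers it
    if landed is None:
        findings.append(("NOT_FORWARDED",
                         f"[{cname}] connect {fmt(dial)} is not a forwarded port"))
        return findings

    listen = endpoint(s["accept"], "0.0.0.0")      # no host: all IPv4 addresses
    backend = endpoint(s["connect"], "127.0.0.1")  # no host: localhost
    if listen[1] != landed[1] or listen[0] not in ("0.0.0.0", landed[0]):
        findings.append(("NO_LISTENER",
                         f"[{sname}] accept {fmt(listen)} is not where the firewall "
                         f"delivers {fmt(dial)} (that is {fmt(landed)})"))
    if backend == landed:
        findings.append(("SWAPPED",
                         f"[{sname}] connect {fmt(backend)} is the forwarded TLS port; "
                         f"accept and connect are reversed"))
    return findings


if __name__ == "__main__":
    for label, server in (("question", QUESTION_SERVER), ("answer", ANSWER_SERVER)):
        print(label, check_tunnel(CLIENT, server, NAT) or "path lines up")
```

Run against the question's server section it reports NO_LISTENER and SWAPPED; against the answer's server section it reports nothing.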