Hacker News new | ask | show | jobs
by netheril96 3669 days ago
To get around GFW, use openconnect instead. That is as or more secure than OpenVPN, and not current filtered.
1 comments
vetinari 3669 days ago
> That is as or more secure than OpenVPN

How does it achieve that? They both use TLS, in both, you can pick your ciphers.

Additionaly, they both use OpenSSL, which is often found buggy and the ciphers are not hw accelerated.

link
zurn 3669 days ago
OpenVPN uses its own non-TLS UDP protocol to carry traffic (with an optional TCP fallback), and only uses TLS for connection setup. ref: https://wiki.wireshark.org/OpenVPN
link
netheril96 3668 days ago
OpenVPN does not support many of the more secure ciphers in TLS, while openconnect does.
link