It was for that reason OpenVPN set up in SSL mode over TCP 443 was king, a few y... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		crims0n 11 months ago \| parent \| context \| favorite \| on: Tailscale is pretty useful It was for that reason OpenVPN set up in SSL mode over TCP 443 was king, a few years ago most firewalls could not distinguish it from regular TLS encrypted web traffic. These days with application layer "next gen" firewalls though, a zealous network administrator can distinguish between the two and block just the VPN connection if they so choose.

kdmtctl 11 months ago [–]

Chinese V2Ray derivatives are indistinguishable from regular traffic and still penetrate the GFW but get detected when used for domestic services, which is not advised. Work best for short lived sessions in restrictive environments.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact