Как подключиться к open vpn через http прокси (реальный ip-прокси-open vpn)?
Мне нужно как клиенту (на сервере vpn я ничего менять не могу) подключиться сначала к http прокси, а потом через прокси к open vpn. Т.е. задача стоит, чтобы vpn сервер видел ip прокси, а мой реальный ip не видел. У меня есть клиентский конфиг для open vpn. Я добавил в него proxy (выделю строчки, которые добавил). Но в логах open vpn в последней строке отображается мой реальный ip.
Клиентский конфиг для open vpn, в который я добавил свой прокси (некоторую инфу заменил *):
setenv UV_TOKEN "****"
dev tun
proto tcp
remote ***-**-***-***.ip.shared.***.cloud 8015
http-proxy 109.196.*.*** 40209 auto # вот эти 5 строчек я добавил
<http-proxy-user-pass>
login
pass
</http-proxy-user-pass>
cipher AES-256-CBC
auth SHA384
auth-nocache
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
push-peer-info
sndbuf 393216
rcvbuf 393216
mute-replay-warnings
remote-cert-tls server
remote-cert-ku f6
route-gateway 10.100.*.*
redirect-gateway def1
<ca>
-----BEGIN CERTIFICATE-----
***
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
***
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
***
-----END PRIVATE KEY-----
</key>
В логах open vpn выдает следующее:
Mon Jan 2 18:43:22 2023 OpenVPN 2.5.8 [git:none/0357ceb877687faa] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 2 2022
Mon Jan 2 18:43:22 2023 Windows version 10.0 (Windows 10 or greater) 64bit
Mon Jan 2 18:43:22 2023 library versions: OpenSSL 1.1.1s 1 Nov 2022, LZO 2.10
Mon Jan 2 18:43:22 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jan 2 18:43:22 2023 Need hold release from management interface, waiting...
Mon Jan 2 18:43:22 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'state on'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'log on all'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'echo on all'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'bytecount 5'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'state'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'hold off'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'hold release'
Mon Jan 2 18:43:22 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:22 2023 Socket Buffers: R=[131072->393216] S=[131072->393216]
Mon Jan 2 18:43:22 2023 Attempting to establish TCP connection with [AF_INET]109.196.*.***:40209 [nonblock]
Mon Jan 2 18:43:22 2023 MANAGEMENT: >STATE:1672674202,TCP_CONNECT,,,,,,
Mon Jan 2 18:43:22 2023 TCP connection established with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:22 2023 Send to HTTP proxy: 'CONNECT ***-**-***-***.ip.shared.***.cloud:8015 HTTP/1.0'
Mon Jan 2 18:43:22 2023 Send to HTTP proxy: 'Host: ***-**-***-***.ip.shared.***.cloud'
Mon Jan 2 18:43:23 2023 HTTP proxy returned: 'HTTP/1.0 407 Proxy Authentication Required'
Mon Jan 2 18:43:23 2023 Proxy requires authentication
Mon Jan 2 18:43:23 2023 PROXY AUTH BASIC: 'Proxy-Authenticate: Basic realm="proxy"'
Mon Jan 2 18:43:23 2023 HTTP proxy authenticate 'realm="proxy"'
Mon Jan 2 18:43:23 2023 Attempting to establish TCP connection with [AF_INET]109.196.*.***:40209 [nonblock]
Mon Jan 2 18:43:23 2023 MANAGEMENT: >STATE:1672674203,TCP_CONNECT,,,,,,
Mon Jan 2 18:43:23 2023 TCP connection established with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:23 2023 Send to HTTP proxy: 'CONNECT ***-**-***-***.ip.shared.***.cloud:8015 HTTP/1.0'
Mon Jan 2 18:43:23 2023 Send to HTTP proxy: 'Host: ***-**-***-***.ip.shared.***.cloud'
Mon Jan 2 18:43:23 2023 Attempting Basic Proxy-Authorization
Mon Jan 2 18:43:23 2023 HTTP proxy returned: 'HTTP/1.0 200 Connection established'
Mon Jan 2 18:43:25 2023 TCP_CLIENT link local: (not bound)
Mon Jan 2 18:43:25 2023 TCP_CLIENT link remote: [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:25 2023 MANAGEMENT: >STATE:1672674205,WAIT,,,,,,
Mon Jan 2 18:43:25 2023 MANAGEMENT: >STATE:1672674205,AUTH,,,,,,
Mon Jan 2 18:43:25 2023 TLS: Initial packet from [AF_INET]109.196.*.***:40209, sid=f97ad527 97e51799
Mon Jan 2 18:43:26 2023 Validating certificate key usage
Mon Jan 2 18:43:26 2023 VERIFY KU OK
Mon Jan 2 18:43:26 2023 Validating certificate extended key usage
Mon Jan 2 18:43:26 2023 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jan 2 18:43:26 2023 VERIFY EKU OK
Mon Jan 2 18:43:26 2023 VERIFY OK: depth=0, CN=IPB, O=IPB, OU=Core Team, ST=St.Pauls
Mon Jan 2 18:43:26 2023 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Mon Jan 2 18:43:26 2023 [IPB] Peer Connection Initiated with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:28 2023 MANAGEMENT: >STATE:1672674208,GET_CONFIG,,,,,,
Mon Jan 2 18:43:28 2023 SENT CONTROL [IPB]: 'PUSH_REQUEST' (status=1)
Mon Jan 2 18:43:28 2023 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.100.11.169 10.100.11.170,dhcp-option DNS 10.100.8.1,route-gateway 10.100.11.170,redirect-gateway def1'
Mon Jan 2 18:43:28 2023 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
Mon Jan 2 18:43:22 2023 OpenVPN 2.5.8 [git:none/0357ceb877687faa] Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Dec 2 2022
Mon Jan 2 18:43:22 2023 Windows version 10.0 (Windows 10 or greater) 64bit
Mon Jan 2 18:43:22 2023 library versions: OpenSSL 1.1.1s 1 Nov 2022, LZO 2.10
Mon Jan 2 18:43:22 2023 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Mon Jan 2 18:43:22 2023 Need hold release from management interface, waiting...
Mon Jan 2 18:43:22 2023 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'state on'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'log on all'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'echo on all'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'bytecount 5'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'state'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'hold off'
Mon Jan 2 18:43:22 2023 MANAGEMENT: CMD 'hold release'
Mon Jan 2 18:43:22 2023 TCP/UDP: Preserving recently used remote address: [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:22 2023 Socket Buffers: R=[131072->393216] S=[131072->393216]
Mon Jan 2 18:43:22 2023 Attempting to establish TCP connection with [AF_INET]109.196.*.***:40209 [nonblock]
Mon Jan 2 18:43:22 2023 MANAGEMENT: >STATE:1672674202,TCP_CONNECT,,,,,,
Mon Jan 2 18:43:22 2023 TCP connection established with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:22 2023 Send to HTTP proxy: 'CONNECT ***-**-***-***.ip.shared.***.cloud:8015 HTTP/1.0'
Mon Jan 2 18:43:22 2023 Send to HTTP proxy: 'Host: ***-**-***-***.ip.shared.***.cloud'
Mon Jan 2 18:43:23 2023 HTTP proxy returned: 'HTTP/1.0 407 Proxy Authentication Required'
Mon Jan 2 18:43:23 2023 Proxy requires authentication
Mon Jan 2 18:43:23 2023 PROXY AUTH BASIC: 'Proxy-Authenticate: Basic realm="proxy"'
Mon Jan 2 18:43:23 2023 HTTP proxy authenticate 'realm="proxy"'
Mon Jan 2 18:43:23 2023 Attempting to establish TCP connection with [AF_INET]109.196.*.***:40209 [nonblock]
Mon Jan 2 18:43:23 2023 MANAGEMENT: >STATE:1672674203,TCP_CONNECT,,,,,,
Mon Jan 2 18:43:23 2023 TCP connection established with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:23 2023 Send to HTTP proxy: 'CONNECT ***-**-***-***.ip.shared.***.cloud:8015 HTTP/1.0'
Mon Jan 2 18:43:23 2023 Send to HTTP proxy: 'Host: ***-**-***-***.ip.shared.***.cloud'
Mon Jan 2 18:43:23 2023 Attempting Basic Proxy-Authorization
Mon Jan 2 18:43:23 2023 HTTP proxy returned: 'HTTP/1.0 200 Connection established'
Mon Jan 2 18:43:25 2023 TCP_CLIENT link local: (not bound)
Mon Jan 2 18:43:25 2023 TCP_CLIENT link remote: [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:25 2023 MANAGEMENT: >STATE:1672674205,WAIT,,,,,,
Mon Jan 2 18:43:25 2023 MANAGEMENT: >STATE:1672674205,AUTH,,,,,,
Mon Jan 2 18:43:25 2023 TLS: Initial packet from [AF_INET]109.196.*.***:40209, sid=f97ad527 97e51799
Mon Jan 2 18:43:26 2023 Validating certificate key usage
Mon Jan 2 18:43:26 2023 VERIFY KU OK
Mon Jan 2 18:43:26 2023 Validating certificate extended key usage
Mon Jan 2 18:43:26 2023 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mon Jan 2 18:43:26 2023 VERIFY EKU OK
Mon Jan 2 18:43:26 2023 VERIFY OK: depth=0, CN=IPB, O=IPB, OU=Core Team, ST=St.Pauls
Mon Jan 2 18:43:26 2023 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
Mon Jan 2 18:43:26 2023 [IPB] Peer Connection Initiated with [AF_INET]109.196.*.***:40209
Mon Jan 2 18:43:28 2023 MANAGEMENT: >STATE:1672674208,GET_CONFIG,,,,,,
Mon Jan 2 18:43:28 2023 SENT CONTROL [IPB]: 'PUSH_REQUEST' (status=1)
Mon Jan 2 18:43:28 2023 PUSH: Received control message: 'PUSH_REPLY,ping 3,ping-restart 10,ifconfig 10.100.**.*** 10.100.11.170,dhcp-option DNS 10.100.8.1,route-gateway 10.100.11.170,redirect-gateway def1'
Mon Jan 2 18:43:28 2023 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
Mon Jan 2 18:43:28 2023 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 2 18:43:28 2023 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 2 18:43:28 2023 OPTIONS IMPORT: route options modified
Mon Jan 2 18:43:28 2023 OPTIONS IMPORT: route-related options modified
Mon Jan 2 18:43:28 2023 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jan 2 18:43:28 2023 Using peer cipher 'AES-256-CBC'
Mon Jan 2 18:43:28 2023 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Jan 2 18:43:28 2023 Outgoing Data Channel: Using 384 bit message hash 'SHA384' for HMAC authentication
Mon Jan 2 18:43:28 2023 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Mon Jan 2 18:43:28 2023 Incoming Data Channel: Using 384 bit message hash 'SHA384' for HMAC authentication
Mon Jan 2 18:43:28 2023 interactive service msg_channel=648
Mon Jan 2 18:43:28 2023 open_tun
Mon Jan 2 18:43:28 2023 tap-windows6 device [OpenVPN TAP-Windows6] opened
Mon Jan 2 18:43:28 2023 TAP-Windows Driver Version 9.24
Mon Jan 2 18:43:28 2023 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.100.**.***/255.255.255.252 on interface {503DAB33-DF39-43CC-BCB3-CC8A27E44327} [DHCP-serv: 10.100.11.170, lease-time: 31536000]
Mon Jan 2 18:43:28 2023 Successful ARP Flush on interface [26] {503DAB33-DF39-43CC-BCB3-CC8A27E44327}
Mon Jan 2 18:43:28 2023 MANAGEMENT: >STATE:1672674208,ASSIGN_IP,,10.100.**.***,,,,
Mon Jan 2 18:43:28 2023 IPv4 MTU set to 1500 on interface 26 using service
Mon Jan 2 18:43:33 2023 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Mon Jan 2 18:43:33 2023 C:\Windows\system32\route.exe ADD 109.196.*.*** MASK 255.255.255.255 176.124.192.1
Mon Jan 2 18:43:33 2023 Route addition via service succeeded
Mon Jan 2 18:43:33 2023 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.100.11.170
Mon Jan 2 18:43:33 2023 Route addition via service succeeded
Mon Jan 2 18:43:33 2023 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.100.11.170
Mon Jan 2 18:43:33 2023 Route addition via service succeeded
Mon Jan 2 18:43:33 2023 Initialization Sequence Completed
Mon Jan 2 18:43:33 2023 MANAGEMENT: >STATE:1672674213,CONNECTED,SUCCESS,10.100.**.***,109.196.*.***,40209,178.120.55.134,59608
И вот в конце он выдает мой реальный ip 178.120.55.134. Виден ли мой реальный ip на vpn-сервере или там виден ip прокси? И если виден мой реальный, то что я делаю не так?