Haproxy with OpenVPN and ocserv

One of the reason I wanna setup Openvpn and ocserv under port 443 is because my university start to blocking ports. Usually port 443 is use as HTTPS protocol, in general firewall dont block it by default.


// Openvpn conf
port 993

// ocserv conf
tcp port 4443
listen-proxy-proto = true

// Haproxy conf
frontend www-https
   bind :::443
   mode tcp
   tcp-request inspect-delay 5s
   tcp-request content accept if { req.ssl_hello_type 1 }
   use_backend openvpn         if  !{ req.ssl_hello_type 1 } !{ req.len 0 }
   acl vpn-app req_ssl_sni -i vpn.xx.com
   option ssl-hello-chk
   use_backend ocserv

backend ocserv
	mode tcp
	option ssl-hello-chk
	server ocserv send-proxy-v2	 

backend openvpn
        mode tcp
        server openvpn-vpn

https://314es.pl/https-openvpn-and-ssh-on-one-port-thanks-to-haproxy *** Working
1. https://github.com/openconnect/recipes/blob/master/ocserv-multihost.md
2. https://huataihuang.gitbooks.io/cloud-atlas/service/ssh/sslh_multi_service_in_one_port.html
3. https://ocserv.gitlab.io/www/recipes-ocserv-multihost.html
4. https://github.com/dlundquist/sniproxy
5. https://www.linuxbabe.com/ubuntu/openconnect-vpn-server-ocserv-ubuntu-16-04-17-10-lets-encrypt