Hello Martin
what are you trying to achieve ?
are you trying to wrap a pptp tunnel inside a TLS tunnel similar to
SSTP ?
if im not mistaken you also need to encapsulate the assoicated PPTP
GRE traffic aswell
have you seen the following secition fo the stunnel manual
If you want to provide tunneling to your pppd daemon on port 2020, use
something like:
[vpn]
accept = 2020
exec = /usr/sbin/pppd
execArgs = pppd local
pty = yes
I havent tried what you are doing but I think you need to find some
way of passing
both the GRE traffic and the TCP 1723 traffic into stunnel ... and
vice versa on the other
end ...
I hope this helps
Tom Smyth
On Wed, 17 Apr 2019 at 17:49, Martin Got <[email protected]> wrote:
>
> How to use 'stunnel' in client mode to accept connections on pty from local
> programs like 'ppp' instead of 'accept=IP:PORT'?
>
> 'pty = yes' seems work in server mode only, so when I removed
> 'accept = 127.0.0.1:1723' from 'stunnel' client config I'm getting the error:
>
> [!] Service [ppp]: Each service must define two endpoints on stunnel-5.44
>
> I need to call 'stunnel' client from 'pppd' and communicate with 'stunnel'
> using pty if it was possible by using a command:
>
> pppd /dev/ptyp3 10.0.1.2: local debug noauth passive noccp novj novjccomp
> nopcomp noaccomp name ppp-client connect 'stunnel
> /etc/stunnel/stunnel-client.conf'
>
> Both 'pppd' and 'stunnel' started by executing the command above, but 'pppd'
> can't communicate to 'stunnel' server using pty.
>
> Please advice.
>
> [ppp]
> client = yes
> accept = [127.0.0.1:1723 ](http://127.0.0.1:1723)
> ^^^^^^^^^^^^^^^^^^^^^^^
> connect = STUNNEL-SERVER-IP:723
> CAfile = /etc/stunnel/ca.crt
> cert = /etc/stunnel/client.crt
> key = /etc/stunnel/client.key
> verifyChain = yes
> checkHost = hostna.me
> ;checkIP = 1.2.3.4
--
Kindest regards,
Tom Smyth
The information contained in this E-mail is intended only for the
confidential use of the named recipient. If the reader of this message
is not the intended recipient or the person responsible for
delivering it to the recipient, you are hereby notified that you have
received this communication in error and that any review,
dissemination or copying of this communication is strictly prohibited.
If you have received this in error, please notify the sender
immediately by telephone at the number above and erase the message
You are requested to carry out your own virus check before
opening any attachment.
