OpenVPN supports connections through an HTTP proxy, with the following authentication modes:
- No proxy authentication
- Basic proxy authentication
- NTLM proxy authentication
First of all, HTTP proxy usage requires that you use TCP as the tunnel carrier protocol. So add the following to both client and server configurations:
Make sure that any proto udp lines in the config files are deleted.
Next, add the http-proxy directive to the client configuration file (see the manual page for a full description of this directive).
For example, suppose you have an HTTP proxy server on the client LAN at 192.168.4.1, which is listening for connections on port 1080. Add this to the client config:
http-proxy 192.168.4.1 1080
Suppose the HTTP proxy requires Basic authentication:
http-proxy 192.168.4.1 1080 stdin basic
Suppose the HTTP proxy requires NTLM authentication:
http-proxy 192.168.4.1 1080 stdin ntlm
The two authentication examples above will cause OpenVPN to prompt for a username/password from standard input. If you would instead like to place these credentials in a file, replace stdin with a filename, and place the username on line 1 of this file and the password on line 2.