I need to get a reliable Internet connection behind a restrictive firewall.
Facts:
- the firewall handles HTTP CONNECT to anywhere as long as it goes to destination port 443
- I have some servers publicly accessible on Internet but they are all handling traffic on port 443
Therefore:
- I cannot use "regular" tunnel over http tools like corkscrew or httptunnel as my port on 443 is busy
- I cannot connect to any other ports but 443, as http proxy will not let me do it,
- I cannot change already-running https server's port on my servers
As I operate a reverse-proxy (pound proxy, a http-http router and load balancer) on port 443, I could start a "fake" httpd behind my reverse-proxy and set my reverse proxy to handle tunnel oriented connections to this "fake" httpd, which would handle the connections from my computer behind the restrictive proxy.
Does anyone know of HTTP IP tunnel software which operates on a client-server model and uses a "fake" httpd to listen for incoming tunnel connections?
You can use OpenVPN: http://www.openvpn.net/. On the client side, use protocol TCP and a proxy. On the server side, use protocol TCP and port share with the Apache server (this does not work on Windows).
HTTPTunnel is just the thing I looked for
Hmmm.. Not sure if I understand you correctly. It sounds like you are trying to tunnel in from the Internet, which is why you want a server model but it also sounds like you are trying to tunnel out to the Internet, because you are using CONNECT over a proxy.
Now, assuming that you are trying to tunnel out to ports other than port 443, you can have a second proxy set up externally and use a two layer tunnel-over-a-tunnel as I think you have already figured out.
Assuming that you are trying to tunnel into the network to ports other than port 443, this could turn into a security hole that you do not want. So, it may be best to just forward the connections from your firewall into the internal system.