- π§ Overview
- β¨ Features
- 𧱠Requirements
- π Getting Started
- π Connection Flow
- π License
- π€ Author
This project enables tunneling OpenVPN (TCP/UDP) traffic through ICMP (Ping) packets using Docker and PingTunnel. It is ideal for bypassing firewalls or networks where only ICMP is allowed. The system deploys OpenVPN and TinyProxy via Docker and establishes a secure tunnel between client and server.
- Tunnel OpenVPN via ICMP (PingTunnel)
- Dockerized server and client configurations
- Supports both TCP (with TinyProxy like seamless and without it) and UDP OpenVPN modes
- Easy setup with Docker Compose scripts
- Designed for use in restricted network environments
This project provides a Docker-based setup to deploy an OpenVPN server (TCP/UDP), TinyProxy HTTP proxy, and PingTunnel to bypass restrictive networks using ICMP tunneling. It includes both server-side and client-side configurations.
- Docker & Docker Compose
- Root privileges (for tunneling and VPN)
- Public server with ICMP allowed (for PingTunnel)
If you don't have Docker installed, you can quickly install it using the official convenience script:
curl -fsSL https://get.docker.com | bashgit clone https://github.com/arezaie14/openvpn-over-icmp.git
cd openvpn-over-icmpJust copy .env.example inside folders with below command then edit both files according to your environment.
On server with internet:
cd ./server
cp ./.env.example ./.envOn server with limited internet:
cd ./client
cp ./.env.example ./.envSERVER_ADDRESS: Ip address of server with internet access.OVPN_PORT: Open vpn public port.PASSWORD: Password to use when tunneling pingtunnel it can between 0-2147483647.PROXY_PORT: TinyPorxy public port.PROXY_USER: TinyPorxy username.PROXY_PASS: TinyPorxy password.OVPN_TCP_SERVER_ADDRESS: IP address to config OpenVpn in TCP mode (When using tinyproxy it can be IP of server with internet access else it can be IP of server limited internet access).OVPN_UDP_SERVER_ADDRESS: IP address to config OpenVpn in UDP mode it's the server with limited internet access.
chmod +x ./run.server.sh
./run.server.shchmod +x ./run.client.sh
./run.client.shdocker exec -it openvpn-tcp bash /ovpn-add-client.shYou can download the client configuration file from ./server/ovpn/openvpn-tcp-data/confs directory after running the above command.
docker exec -it openvpn-udp bash /ovpn-add-client.shYou can download the client configuration file from ./server/ovpn/openvpn-udp-data/confs directory after running the above command.
sequenceDiagram
title OpenVpn TCP/UDP Over ICMP Diagram;
OpenVpn Client ->>Server With Limited Access:UDP/TCP Request;
Server With Limited Access->>PingTunnel:ICMP Request;
PingTunnel->> Server With Free Access:ICMP Response;
Server With Free Access->>OpenVpn Server: UDP/TCP Request;
OpenVpn Server->>Server With Free Access:UDP/TCP Response;
Server With Free Access->>PingTunnel:ICMP Request;
PingTunnel->>Server With Limited Access:ICMP Response;
Server With Limited Access->>OpenVpn Client:UDP/TCP Response;
sequenceDiagram
title OpenVpn TCP Over TinyProxy And ICMP Diagram;
Client With OpenVpn Blocked By ISP ->>Server With Limited Access:TCP Http Proxy Request;
Server With Limited Access->>PingTunnel:ICMP Request;
PingTunnel->> Server With Free Access:ICMP Response;
Server With Free Access->>Tiny Proxy Server: TCP HTTP Request;
Tiny Proxy Server->>Server With Free Access:TCP HTTP Response;
Server With Free Access->>PingTunnel:ICMP Request;
PingTunnel->>Server With Limited Access:ICMP Response;
Server With Limited Access->>Client With OpenVpn Blocked By ISP:Http Proxy Response Connected;
Client With OpenVpn Blocked By ISP ->>Server With Free Access:TCP Request;
Server With Free Access ->>OpenVpn Server:TCP Request;
OpenVpn Server->>Server With Free Access: TCP Response;
Server With Free Access->>Client With OpenVpn Blocked By ISP: TCP Response Connected;
Please Visit MIT License
Amin Rezaie
π§ Email: arezaie14@gmail.com
π GitHub: github.com/arezaie14
If you find this project useful, feel free to β star it and share it with others!
Pull requests and issues are welcome!