Hi all,
I’m looking for a GUI way to utilize a VPN over TLS. I can host whatever backend VPN is needed to tunnel through, Wireguard, OpenVPN, SSH, anything. My goal is to have the VPN travel over port 443 as TLS traffic and still be able to use the native android blocks for when the VPN is not active. I currently use Wireguard, but need to convert to a TLS solution.
So far the most promising and up-to-date I’ve found is WSTunnel: https://github.com/erebe/wstunnel with this guide from Hetzner: https://community.hetzner.com/tutorials/obfuscating-wireguard-using-wstunnel, however this requires me to run a command line app in Termux and then the WG client on top of that, vs having a full GUI option. I’ll go down this path if I need to, but want to make sure I’m not missing something.
Thanks!
It’s possible that Tailscale (SaaS) or Headscale (completely oss and self-hosted) work for you. This is a vpn based on the wireguard protocol with additional magic. While TS will always attempt to create a wireguard tunnel over udp, it can fall back to HTTPS if otherwise the connection cannot be established. If your motivation is to work from a network where only TLS is permitted this could do.
Tailscale has an Android client. GUI.
I had looked into this, but I need it to be primary vs a fallback. The UDP to the IP would indicate a VPN attempt.