The thing about firewall bypassing #1 - setting up Chisel - server/client

What is Chisel?

Chisel is a lightweight tool that tunnels TCP/UDP traffic over HTTP/WebSocket. It was introduced, along with its use case, in another post.

Configuration

The Chisel server supports user/password access lists that authenticate users and give them access to different services.

Server

This command runs a server that tunnels ports for authenticated users, which are configured in the users.json file.

./chisel server --authfile "users.json" --port [LISTENPORT]

The users.json file, with two WireGuard ports exposed:

{
       "dummyuser:veryverysecretpassword": [
               "127.0.0.1:51820", "127.0.0.1:51821"
       ]
}
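Chisel's README describes each authfile entry as an address regular expression compared against the remote a client requests ("<remote-host>:<remote-port>", or "R:<local-interface>:<local-port>" for reverse remotes). The following audit is an added example, not code from this post or from the Chisel project; it shows which addresses the entries above admit when unanchored and how anchored, escaped entries narrow them. The probe addresses are constructed, and Python's re is assumed to behave like Go's regexp for these simple patterns.

```python
import json
import re

# The page's users.json, reproduced as a string.
PAGE_AUTHFILE = """{
  "dummyuser:veryverysecretpassword": ["127.0.0.1:51820", "127.0.0.1:51821"]
}"""

# Constructed probe addresses: the two intended remotes, the "R:" form used
# for reverse remotes, a hostname that only matches because "." is a regex
# wildcard, and an unrelated port.
PROBES = ["127.0.0.1:51820", "127.0.0.1:51821", "R:127.0.0.1:51820",
          "127a0b0c1:51820", "127.0.0.1:22"]

def allowed(patterns, addr):
    # Unanchored search, mirroring Go's Regexp.MatchString (assumption:
    # Python's re agrees with Go's regexp for these simple patterns).
    return any(re.search(p, addr) for p in patterns)

def audit(authfile_text, probes=PROBES):
    """Per user: entries lacking ^...$ anchors and the probes they admit."""
    report = {}
    for cred, patterns in json.loads(authfile_text).items():
        user = cred.split(":", 1)[0]  # report the user name only, never the password
        report[user] = {
            "unanchored": [p for p in patterns
                           if not (p.startswith("^") and p.endswith("$"))],
            "allowed": [a for a in probes if allowed(patterns, a)],
        }
    return report

def harden(authfile_text):
    """Rewrite entries as anchored, escaped regexes.
    Assumes every entry is a literal host:port, as in the page's file."""
    acl = json.loads(authfile_text)
    return json.dumps({cred: ["^" + re.escape(p) + "$" for p in patterns]
                       for cred, patterns in acl.items()}, indent=2)

if __name__ == "__main__":
    for label, text in (("page", PAGE_AUTHFILE),
                        ("hardened", harden(PAGE_AUTHFILE))):
        print(label, json.dumps(audit(text), indent=2))
```

The hardened output can be saved as users.json; the audit also flags an empty entry, which matches every address.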

Client

To connect to the WireGuard service from a network with a strict firewall policy, the user first has to connect to the Chisel server…

./chisel client --auth "dummyuser:veryverysecretpassword" -v [PUBLICIP/DOMAIN]:[SERVERLISTENPORT] 51820/udp

…and can then connect to the WireGuard VPN server, replacing the original Endpoint IP with 127.0.0.1.