Deep level packet inspection, they detect patterns or whatever in encrypted traffic (and the lack of thereof) and ban the destination ip china-wide.
How they do I have no idea, but they do, on my direct first hand experience. Its not based on domain names, directly straight and total ip ban. All ports, all domains on that ip get banned forever just because you started using a VPN (OpenVPN in my case, it was a few years ago).
Deep level packet inspection, they detect patterns or whatever in encrypted traffic (and the lack of thereof) and ban the destination ip china-wide.
How they do I have no idea, but they do, on my direct first hand experience. Its not based on domain names, directly straight and total ip ban. All ports, all domains on that ip get banned forever just because you started using a VPN (OpenVPN in my case, it was a few years ago).
You need something like stunnel/OpenVPN flag which masks your traffic as HTTPS I think. Even then DPI can probably detect it
They’re looking for traffic patterns. It doesn’t matter what encryption you’re using, If it’s point to point, they’re going to find it and disable it.
Just ask Cisco (they are the contractor for China)