So I've been trying to use Stunnel (http://www.stunnel.org/) on an unsecured wireless network I use fairly frequently to try to secure my traffic (and no, I can't just use vanilla SSH -- outgoing SSH traffic is blocked).
After some testing it looks like Stunnel, being that it's just an SSL connection, is pretty much transparent from any other SSL connection (like, say, Gmail or a banking site or whatever).
The only problem, is, apparently, some router or other piece of infrastructure on this network -- SOMETIMES -- blocks outgoing SSL connections. It would make perfect sense if they blocked outgoing port 443, or if SSL traffic was always filtered, but this is not the case: SSL-enabled web pages (again, Gmail, for example) work just fine 100% of the time, but Stunnel doesn't seem to be able to successfully open a connection at all.
So as a test I tried just using "openssl s_client" to see what exact was going wrong -- and here's where things get weird. The openssl client successfully connects, say, 50%-ish of the time. The rest of the time, it gets a packet from some Cisco piece of hardware that tells it to drop the connection (I confirmed this through Wireshark).
So anyway, my question is, what method can I use to figure out why this router is (sometimes) blocking my outgoing connection and other times does not, and what should I try to get it to leave Stunnel traffic alone the same way it does to SSL websites?
I can tell, like I said, that I'm receiving some drop packets from a piece of Cisco hardware, but after looking through some packet captures I can't really tell what the difference is between a blocked connection and a working connection.