VPN ports to internal phone servers
-
So here is my predicament. I have a firewall that is already using 1194 pointed at an internal phone server for remote phones. How do i use another port, on the firewall, to direct a softphone+openvpn app, on android, to the internal IP of another phone server within the same network? I know of port forwarding but because these phone servers have the same public IP, i cant use 1194 on both w/o screwing up the hosted phone server.
Please help. -
you can forward any port to any other port so if you have say 3 severs all listening on 1194
publicIP:1194---->192.168.1.100:1194
publicIP:1195---->192.168.1.101:1194
publicIP:1196---->192.168.1.102:1194You just have to change the remote clients to use the outside port. This is simple openvpn config on the client side.
-
So in the case of the OpenVPN Connect app, you can't do that. I might be able to do that with the OpenVPN for Android app though.
-
which app... I run openservers on multiple different ports... You can do change what port they go to its just in the ovpn file your talking about for ios and android right.. the connect app
just edit the ovpn file before you import it.
-
The apps i listed, OpenVPN Connect is an android app for smart phones. The other app is OpenVPN for Android. Both are on the Google play store.
-
And how do you get the info for your server into the app? You load the ovpn file - which has the port in it... So yeah you can do it no matter what client your using.
-
@johnpoz ok
-
Why can you not just connect to pfsense and setup your softphone to use the private IP of the server? Then you only need to run 1 vpnserver which is on your edge and your clients can connect to whatever private IP they want for your server.
-
@johnpoz it would be the port attached to the public IP if im correct, in the ovpn file.
-
@johnpoz im working with an already established system in which he has multiple vpn tunnels to different pfsense firewalls. Im just trying to get through the firewall to an OpenVPN server on a freepbx phone server. I can't use 1194, on the firewall, because it's already nat'd to another internal phone server
-
yeah then just edit the ovpn file before you give it to them.. its just a text file change the port listed in the file to the one you want to use on your public IP, and then forward that to 1194
Easy Peasy Lemon Squeezy ;)
-
@johnpoz So one App was picky in changing the external port. The other App worked around the change and made the connection. Problem solved.
-
The app is junk then.. What if the port is in use? What if the port is blocked, etc. etc. Locking something down to the standard port is going to cause issues..
Glad you got it sorted with the other app..
-
@johnpoz thanks for the help man.