OpenVPN problem NAT



  • Hi,

    I have another problem with a pfSense firewall (I have two).
    On port 443 I have a NAT to an internal server.
    The https firewall runs on an ad hoc port.
    I have configured OpenVPN on UDP port 1194, opened the port on the firewall, etc.
    I cannot connect remotely; it is in standby and says it is impossible to establish the connection.
    I suspect that the problem is given by NAT on port 443.
    Is there a possibility to change the TCP port to OpenVPN?
    I also tried configuring OpenVPN on TCP or UDP port 993 but it does not work.

    Do you have any ideas?

    Best regards

    tripper



  • Yes, you can change OpenVPN to listen on any port you like. OpenVPN listens on port 1194 UDP by default.

    NAT of HTTPS on 443 is unlikely to interfere with OpenVPN: different service, different port.

    Your question is not thoroughly written; you don't say whether it is the web client or the VPN client that cannot connect.

    The connection path is

    [your edge or next hop WAN device; is it forwarding 1194 UDP, or do you have a PPPoE] > pfSense WAN interface [allow port 1194 UDP in, no NAT] > OpenVPN server instance [listen on 1194 UDP]

    Your logs may tell you more.

    More often, when OpenVPN fails to connect, one of the settings does not match on both sides.
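
The point in the reply above, that a failed connection usually comes down to a setting that differs between the two ends, can be checked mechanically. This is an added example, not code from anyone in the thread: it compares the directives a server and a client config have to share, and the two sample configs and the host name `vpn.example.com` are constructed.

```python
# Added example: sample configs below are constructed, not taken from the thread.
MUST_MATCH = ("proto", "port", "dev", "cipher", "auth")
SERVER = """\
port 1194
proto udp
dev tun
cipher AES-256-CBC
auth SHA256
"""

CLIENT = """\
client
dev tun
proto tcp-client
remote vpn.example.com 1194
cipher AES-256-CBC
auth SHA1
"""

def parse(text):
    """Return {directive: [args]}, skipping blank lines and # or ; comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;":
            key, *args = line.split()
            conf[key] = args
    return conf

def effective(conf):
    """Reduce a parsed config to the values both ends have to share."""
    eff = {k: (conf[k][0] if conf.get(k) else None) for k in MUST_MATCH}
    remote = conf.get("remote", [])  # client: remote <host> [port] [proto]
    # remote's port/proto win over port/proto lines; defaults are 1194 and udp
    eff["port"] = (remote[1:2] or [eff["port"] or "1194"])[0]
    eff["proto"] = (remote[2:3] or [eff["proto"] or "udp"])[0]
    # tcp-server / tcp-client / udp4 / tcp6 all reduce to "tcp" or "udp"
    eff["proto"] = eff["proto"].replace("-server", "").replace("-client", "").rstrip("46")
    if eff["dev"]:
        eff["dev"] = eff["dev"].rstrip("0123456789")  # tun0 -> tun
    return eff

def mismatches(server_text, client_text):
    """Map each differing directive to (server value, client value)."""
    s, c = effective(parse(server_text)), effective(parse(client_text))
    return {k: (s[k], c[k]) for k in MUST_MATCH if s[k] != c[k]}

if __name__ == "__main__":
    for key, (srv, cli) in mismatches(SERVER, CLIENT).items():
        print(f"{key}: server={srv} client={cli}")
```

An unset `cipher` or `auth` shows as `None` because their defaults depend on the OpenVPN version, so treat that as something to check rather than a definite fault.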



  • Hi,
    having NAT and port forwarding rules on port 443, there are problems with passing OpenVPN traffic on port 1194 with the UDP and TCP protocols.
    Since it is the second backup firewall, I solved this with the following setting:
    Port-share x.x.x.x port (with port configured in openVPN also enabling udp traffic)

    Thanks for your reply!

    tripper

