Best VPN Standard / Enterprise?



  • So I connect to my VPN (or want to) via my companies internet. However they block every port that isn't explicitly allowed.

    Is there a VPN that utilises a generally otherwise allowed port?



  • openvpn..
    it uses by default 443(https port)



  • @Metu69salemi:

    openvpn..
    it uses by default 443(https port)

    Are you sure ?
    As far as I know OpenVPNM uses by defaul Port 1194 (UDP).
    But you are right. If you setup an OpenVPN server (e.g. on pfsense) than you can change the port and protocol.

    And then Metu69salemi is absolutly correct:
    Start your OpenVPN server with port 443 (https) and TCP as protocol. This should work if you are allowed to connect to https websites.
    But sometimes it is not allowed to connect to an IP address so you have to choose a (dyn)DNS name instead.



  • Nachtfalke you were right, i have two openvpn servers another is 443 and another is 444
    and thusfore i remembered wrong. my bad



  • Excellent news. Thank you guys.

    Is the performance over PPTP much greater? As at the moment I am crawling.



  • I think there is now performance difference if the machines which are doing the VPN have enough power to handle the bandwidth.

    But I do not have much experience with PPTP.


  • Rebel Alliance Developer Netgate

    It might be slower than PPTP but not by much. It depends on the cipher. It's slower because PPTP's encryption is weak and shoddy, whereas OpenVPN uses proper ciphers.

    Also you can run OpenVPN on any port you want. The default is udp/1194 but you can run it anywhere you have an unused port (TCP or UDP).

    You can even share port 443 between OpenVPN and a web server for extra sneakiness. :-)
    http://doc.pfsense.org/index.php/Sharing_a_Port_with_OpenVPN_and_a_Web_Server



  • Excellent. I have configured an OpenVPN server and I am now trying to fine tune it.

    Could someone explain the steps to achieve this however?

    "To set this up, configure an OpenVPN server to listen on TCP port 443, and add a firewall rule to pass traffic to the WAN IP (or whatever IP used for OpenVPN) on port 443."

    How do I pass 443 to the OpenVPN in the Firewall? I have already set the OpenVPN server to listen on 443/TCP.


  • Netgate Administrator

    If you are using pfSense as the OpenVPN server (and I expect you are but it's not completely clear from this thread) then you simply need to add a firewall rule to WAN to allow traffic on port 443 with destination 'WAN address'.

    If you have a separate server you will need to setup port forwarding to it.
    http://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense%3F

    Steve



  • @dLockers:

    Excellent. I have configured an OpenVPN server and I am now trying to fine tune it.

    Could someone explain the steps to achieve this however?

    "To set this up, configure an OpenVPN server to listen on TCP port 443, and add a firewall rule to pass traffic to the WAN IP (or whatever IP used for OpenVPN) on port 443."

    How do I pass 443 to the OpenVPN in the Firewall? I have already set the OpenVPN server to listen on 443/TCP.

    If pfsense is OpenVPN server add the following rule to your WAN:
    Action: Pass
    Protocol: TCP
    Source IP: any
    Source Port: any
    Destination IP: WAN address
    Destination Port: https (443)

    Thats all.


Log in to reply