Netgate Discussion Forum

    SSTP?

      dLockers

      Is this possible with OpenVPN?

      My employer blocks VPNs, and OpenVPN over TCP port 443 is slow as hell - wondering if SSTP would speed things up? Is it possible? Or would I have to DMZ my server/port forward and set it up on the Windows Server?

        heper

        SSTP is also sort of a VPN... you sure that isn't blocked also?

        Also note that you could run your OpenVPN server on whatever port you would like.

          dLockers

          @heper:

          SSTP is also sort of a VPN... you sure that isn't blocked also?

          Also note that you could run your OpenVPN server on whatever port you would like.

          SSTP uses TCP 443 and then uses HTTPS to encode the data so I can't see them being able to block it unless it was very intentional (unlikely).

          I thought it was a connection method that OpenVPN used from preliminary Google searches.

          I have tried TCP 443 as stated with OpenVPN but it's slow as hell. I will try and see what ports our client VPNs use.

          Thanks

            jimp Rebel Alliance Developer Netgate

            Not that I'd want to encourage violating your company's policies, but …

            Any VPN over TCP will have degraded performance. Have you tried using udp/53 for the VPN server? Or 5060, or a port up in the 10,000 range, so they think it's SIP/RTP and not a VPN?

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!
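
For anyone on the filtering side of the udp/53 suggestion above, here is an added example (not part of jimp's post or of any Netgate code) of classifying the first payload of a UDP/53 flow by content rather than by port. It relies on OpenVPN's opcode byte layout and on the DNS header format; the sample payloads are constructed, not captured, and the function names are made up for this sketch.

```python
import struct

# OpenVPN's first byte on UDP is (opcode << 3) | key_id. Opcodes 7 and 10 are
# the client hard-reset messages that open a new session.
OVPN_CLIENT_RESETS = {7: "P_CONTROL_HARD_RESET_CLIENT_V2",
                      10: "P_CONTROL_HARD_RESET_CLIENT_V3"}

def parse_dns_query(payload):
    """Return the queried name if payload is a well-formed DNS query, else None."""
    if len(payload) < 17:                     # 12-byte header + root label + QTYPE/QCLASS
        return None
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!6H", payload[:12])
    if flags & 0x8000 or qd != 1 or an != 0:  # a query: QR=0, one question, no answers
        return None
    labels, pos = [], 12
    while pos < len(payload):
        length = payload[pos]
        pos += 1
        if length == 0:                       # root label ends the name
            break
        if length > 63 or pos + length > len(payload):
            return None
        labels.append(payload[pos:pos + length].decode("ascii", "replace"))
        pos += length
    else:
        return None                           # name never terminated
    if pos + 4 > len(payload):                # QTYPE and QCLASS must follow the name
        return None
    return ".".join(labels) or "."

def classify_udp53(payload):
    """Classify the first payload of a UDP/53 flow by content, not by port."""
    name = parse_dns_query(payload)
    if name is not None:
        return ("dns", name)
    if len(payload) >= 14 and (payload[0] & 0x07) == 0:
        opcode = payload[0] >> 3
        if opcode in OVPN_CLIENT_RESETS:
            return ("openvpn", OVPN_CLIENT_RESETS[opcode])
    return ("not-dns", None)

# Constructed sample payloads (not captured traffic).
DNS_QUERY = bytes.fromhex("1a2b01000001000000000000") + b"\x07example\x03com\x00\x00\x01\x00\x01"
OVPN_RESET = bytes.fromhex("38a1b2c3d4e5f607180000000000")  # opcode 7, session id, no ACKs, packet id 0
JUNK = b"\x00" * 5

if __name__ == "__main__":
    for label, pkt in (("dns", DNS_QUERY), ("openvpn", OVPN_RESET), ("junk", JUNK)):
        print(label, classify_udp53(pkt))
```

The "not-dns" result is the more general signal: anything on port 53 that fails a strict DNS parse is worth a look, whether or not it matches a known VPN opcode.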

              dLockers

              @jimp:

              Not that I'd want to encourage violating your company's policies, but …

              Any VPN over TCP will have degraded performance. Have you tried using udp/53 for the VPN server? Or 5060, or a port up in the 10,000 range, so they think it's SIP/RTP and not a VPN?

              It's not so much that we're disallowed VPNs - it's just the firewalls require opening on a per use case scenario.

              I will try 53 - makes sense. Our Juniper clients use 34447 - I tried to connect using that and it doesn't work.

                jimp Rebel Alliance Developer Netgate

                Another fun tip:

                Just run one OpenVPN server for UDP, and use port forwards to have it answer on however many individual ports you want.

                Then you can put in several remote statements in the client config so it will try them all and (hopefully, eventually) lock onto one that works.

                  johnpoz LAYER 8 Global Moderator

                  "over TCP Port 443 is slow as hell"

                  Curious about what you consider slow as hell, I run my OpenVPN over TCP 443 for pretty much the same type of reason. This is normally open no matter where you're at. And can even bounce the OpenVPN connection off the proxy here.

                  I am not having any performance issues that I can tell, I can do everything I need to do over the VPN and performance seems fine. What are you doing exactly that the performance is not up to your expectations?

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                    dLockers

                    @johnpoz:

                    "over TCP Port 443 is slow as hell"

                    Curious about what you consider slow as hell, I run my OpenVPN over TCP 443 for pretty much the same type of reason. This is normally open no matter where you're at. And can even bounce the OpenVPN connection off the proxy here.

                    I am not having any performance issues that I can tell, I can do everything I need to do over the VPN and performance seems fine. What are you doing exactly that the performance is not up to your expectations?

                    May have been my upload speed, I will try it again on 443.

                    Thanks Jimp, may try that out!

                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.