Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can I open an additional port when a client connects via OpenVPN?

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 589 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      benbeka
      last edited by

      I know this seems like an odd thing to do, but I have remote workers without static IP addresses and they have a PC with an openvpn client and a separate (hardware) IP phone. My phone system seems to be compromised from a security point of view, so I keep it behind the firewall.

      Without putting extra hardware at their end, I'd like to open the IP Phone port through the firewall to their current IP address when they connect through the VPN. When they disconnect, I'd like to close the port again (but it's probably safe enough to do this via a cron job). To complicate matters, there may be several clients connected simultaneously.

      Is a floating rule the way to go, or have I missed something obvious. Help and advice would be appreciated.

      Thanks

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        There isn't any mechanism to do that.

        What type of phone handset? Some SNOM and Yealink handsets support OpenVPN natively in their firmware

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • B
          benbeka
          last edited by

          Thanks for the reply.

          Unfortunately it's an older Samsung 7200 system, with woeful security and relatively simple handsets. It looks like an upgrade is the only way to solve this.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.