OpenVPN on Multiple Ports
-
Hi All
I would like to have 2 instances of OpenVPN running: one to listen on the standard port of 1194 and another on Port 80.
I know what you're saying… Why Port 80, that's for Web?
Well the reason is that I sometimes have road warriors that stay in Hotel rooms with very strict access to the internet and Port 80 is the most likely port to be open.
So can I have an instance of OpenVPN running on port 80 listening on the WAN IP interface address? (I currently use https 443 for the PFSense web gui access)
Now if this is not possible, can I assign a sub-interface IP from the same /29 network my WAN IP is on, onto the WAN Interface and listen on that IP instead?
So if my WAN IP is 203.82.XXX.AAA/29, and the sub-interface IP is 203.82.XXX.BBB, could I have OpenVPN listening on 203.82.XXX.BBB Port 80?
Thanks
-
That should work.
Just create a second OpenVPN server.
I'm running my OpenVPN server on 443 (webgui on 444) to get through the proxy in my university. The OpenVPN server per default binds to all IPs it can bind to.
So make sure you use CARP-type VIPs for your second interface.
You could also specify in the custom options which interface the OpenVPN server should bind to.
-
OK, so I need to create a CARP VIP using 203.82.XXX.BBB
Then I can create the second instance of OpenVPN listening on port 80 at this address?
-
While I can't speak specifically to running multiple instances of OpenVPN, as someone who runs sshd on 80, 443, and 5190 (AIM; Continental Airlines used to allow 5190 through to any address, not just AOL), I can suggest that you want to move the management interface to another port and run an OpenVPN listener there - places that are big on the walled garden often have caching proxies in the middle for http (https is impractical to proxy, so it is more likely to go straight through).
-rob
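
Added example, not part of any post in this thread: a pre-deployment check for the bind behaviour discussed above. It reads the `local`, `port`/`lport` and `proto` directives of each OpenVPN server config and reports instances that would contend for the same socket, including the web GUI on 443. The address 203.0.113.11, the instance names and the sample configs are constructed, and treating a server without `local` as overlapping every address on its port is a conservative assumption.

```python
# Added example: listener collisions between OpenVPN server instances.
DEFAULT_PORT, DEFAULT_PROTO = "1194", "udp"  # OpenVPN defaults
WILDCARD = "*"  # no `local` directive: the server binds every address

def parse_listener(conf_text):
    """Return (address, port, transport) for one OpenVPN server config."""
    addr, port, proto = WILDCARD, DEFAULT_PORT, DEFAULT_PROTO
    for raw in conf_text.splitlines():
        # Drop '#' and ';' comments, then split directive from arguments.
        parts = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) < 2:
            continue
        key, value = parts[0], parts[1]
        if key == "local":
            addr = value
        elif key in ("port", "lport"):
            port = value
        elif key == "proto":
            # tcp, tcp-server, tcp4 ... all end up as a TCP listener
            proto = "tcp" if value.startswith("tcp") else "udp"
    return addr, port, proto

def overlaps(a, b):
    """Same port and transport, and the bind addresses intersect."""
    same_socket = a[1] == b[1] and a[2] == b[2]
    addr_clash = a[0] == b[0] or WILDCARD in (a[0], b[0])
    return same_socket and addr_clash

def find_conflicts(listeners):
    """listeners maps name -> (addr, port, transport); returns name pairs."""
    names = sorted(listeners)
    return [(x, y) for i, x in enumerate(names) for y in names[i + 1:]
            if overlaps(listeners[x], listeners[y])]

# Constructed sample; 203.0.113.11 stands in for the second WAN address.
SAMPLE = {
    "ovpn_default": parse_listener("dev tun\nproto udp\n"),
    "ovpn_port80": parse_listener(
        "local 203.0.113.11\nport 80\nproto tcp-server\n"),
    "ovpn_port443": parse_listener("port 443  # proxy-friendly\nproto tcp\n"),
    "webgui": (WILDCARD, "443", "tcp"),  # web GUI left on HTTPS 443
}

if __name__ == "__main__":
    for x, y in find_conflicts(SAMPLE):
        print("conflict:", x, SAMPLE[x], "<->", y, SAMPLE[y])
```
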