4. Have to use port 443?

Have to use port 443?

  • B

    Right now my home network VPN server is set to listen to port 1194, but my school network blocks everything except for 80 and 443 (but connecting to a VPN is allowed).

    Is my best bet setting my pfSense OpenVPN server to listen on port 443 and setting my client to the same? Or am I better off port forwarding my server 443–>1194?

    Is one "better" or more secure than the other?

    0
  • LAYER 8 Global Moderator

    I use 443 from work all the time.. I have open listening on both 1194 udp so if from a site that allows that I can use the UDP.  But when at sites are locked down or require proxy doing openvpn over tcp works just fine.  443 is almost always open if location has internet.

    0
  • B

    Also, am I going to run into trouble if I try to VPN from a 192.168.1.0/24 network when my home network is also 192.168.1.0/24? Even if my tunnel address is 10.10.0.0/24?

    0
  • C

    @Bear:

    Also, am I going to run into trouble if I try to VPN from a 192.168.1.0/24 network when my home network is also 192.168.1.0/24? Even if my tunnel address is 10.10.0.0/24?

    Not a problem connecting, but you won't be able to route anything across. Use something obscure on your home network.

    0
  • B

    Can I use any combination of numbers? 100.100.100.0/24?

    0
  • LAYER 8 Netgate

    192.168.0.0/16 (192.168.0.0 - 192.168.255.0)
    172.16.0.0/12 (172.16.0.0 - 172.31.255.0)
    10.0.0.0/8 (10.0.0.0 - 10.255.255.0)

    Some random choices:

    10.63.89.0/24
    172.18.152.0/24
    192.168.148.0/24

    Search for RFC1918

    0
  • B

    Well, I just went to change the subnet on pfSense…and it looks like it either crashed or locked me out of the GUI.... >:(

    0
  • LAYER 8 Global Moderator

    Well what did you change it from, and what was the IP of your machine you were accessing it from.. Yeah if you change the network on pfsense to something different than your machine is on - going to be kind of hard to connect to pfsense ;)

    0
  • LAYER 8 Netgate

    If you change the LAN addressing from LAN what did you expect?

    Re-address your workstation on the new scheme and connect to the new address.  Be sure to adjust your DHCP server to the new network.

    0
  • B

    I thought it would let me go to the other page to change the DHCP range. Those two options should be on the same page!

    We were all new once, right?  ::)

    Fixed it. So now my network is 192.168.100.0/24. And everything works. I think.  :P

    Thanks everyone for the help so far.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy