Port for almost certain OpenVPN access?
-
Hi guys,
I have been using OpenVPN on pfSense as my 'out on the road' VPN solution for nearly 3 years now. However I have had a couple of issues when I am connected to some more restrictive public wifi hotspots. They obviously do not allow UDP 1194.
Im thinking that changing the VPN server to UDP 53 which is DNS, so therefore more likely to be allowed outbound from most networks that 1194 right?
Does anyone see any issues with this or have a better solution that I don't know about?
-
You can try it but it'll ultimately be an "it depends" situation.
There is little if any reason to block outbound UDP/1194 in a public hotspot setting, other than to inconvenience your guests.
The same admin that thinks it's a good idea to block that sort of traffic might very well block UDP/53 to anything but the local or preferred DNS resolver given out by DHCP.
The best thing to do is probably complain or take your money elsewhere.
-
I run udp 1194 and tcp 443.. 443 is going to be open if they allow internet access ;) While it also allows you to bounce the vpn connection off a proxy if they are doing that too.
It might not be the place blocks udp 1194 on purpose, they might just be allowing the known ports for typical internet access. So maybe they only allow dns, http/https, etc..
Try your udp connection, if doesn't work then just fall back to tcp over 443.