Results 1 to 5 of 5
  1. 08-27-2009, 07:58 AM #1
    WebFooL
    WebFooL is offline
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050
    Send a message via MSN to WebFooL

    Default Port-sharing with OpenVPN

    I was reading the Change log for the RC19 when i came across this part:

    --port-share host port
    When run in TCP server mode, share the OpenVPN port with another application,
    such as an HTTPS server. If OpenVPN senses a connection to its port which is
    using a non-OpenVPN protocol, it will proxy the connection to the server at
    hostort. Currently only designed to work with HTTP/HTTPS, though it would
    be theoretically possible to extend to other protocols such as ssh.
    Not implemented on Windows.
    I know that Openvpn in untangle use UDP but if the end user hade a choice to use TCP and port-share then one less port would needed to be open.

    Or binding it to the remote admin port.

    This is just me thinking...
    "Of all the things I've lost, I miss my mind the most"
    WebFooL@fakenews.se
    http://gustavsson.it
  2. 08-27-2009, 08:37 AM #2
    sky-knight
    sky-knight is offline
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,542

    Default

    You have 65,535 ports... do you really need to add the overhead of sharing one?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
  3. 08-27-2009, 09:10 AM #3
    WebFooL
    WebFooL is offline
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050
    Send a message via MSN to WebFooL

    Default

    Yes i am aware that UDP and TCP have both 65,535 each.

    But in some installations ppl do want to limit open port resposes to as few as possible.

    I did not state that i wanted it in untangle or even that it is needed.
    I only stated that i was reading the Change log and find that the "port-share" can be a nice feature.

    But as you say there are a lot of ports to use.
    "Of all the things I've lost, I miss my mind the most"
    WebFooL@fakenews.se
    http://gustavsson.it
  4. 09-09-2009, 12:51 PM #4
    early
    early is offline
    Newbie
    Join Date
    Sep 2009
    Posts
    1

    Default Why is it that by default only UDP is enabled

    I am currently using OpenVPN to connect to systems that sit behind a customer's firewall and they block practically every port except for just a few. My plan was to use the Untangle box as a secondary OpenVPN server on TCP port 443 but found that it was limited to UDP ports. I guess I am just trying to understand the reason for this limitation? The fact of the matter is that it would be way too much work to get several hundred customers to create a new firewall rule for a blocked UDP port versus using TCP port 443 which is already open.
  5. 09-09-2009, 01:28 PM #5
    sky-knight
    sky-knight is offline
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,542

    Default

    Early your issue has nothing to do with the post here. What you're asking for is a GUI enhancement that gives you the option of choosing TCP vs UDP and a working port definition field.

    Configuring OpenVPN to do what you want is trivial. Doing it within the confines of UT's GUI is not.

    Incidentally, UDP 1194 wasn't arbitrarily chosen. It is the registered port defined for use with by OpenVPN services.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules


SEO by vBSEO 3.6.0 PL2