What's new

Open ports on open client vpnI

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

bobpow

Regular Contributor
I am running open client vpn using TorGuard on a new rt Ac86u router with 384.11-2. I ran nmap online port scan
and it shows tcp 22,80 and 443 as open.

I spoke to TorGuard support and they said “
Yes those are forwarded on vpn server for connection to vpn, it is not forwarded to you.”

I just want to check with the experts to see if this is normal and true
Thanks
 
I can't speak to whether that specific VPN provider opens ports on their end of the tunnel. But normally, the VPN provider has their end of the tunnel firewall'd to protect you from unsolicited inbound traffic. Not unless they provide a port forwarding service (some do, most don't) so you can remotely access your network over the VPN.

It is possible (if a bit unusual) they reserve certain ports for their own use, and port forward them to their own internal devices, NOT your end of the tunnel. I assume that's what they meant. As a result, you can get false positives sometimes w/ these online port scans, because what you're seeing is the results of hitting the provider's firewall, NOT your firewall.

I've had the same thing happen when using GRC's Shields Up. I expect all my ports to be stealthy because my own firewall (over the WAN) drops all unsolicited inbound packets. But my ISP's firewall is blocking access to specific inbound ports by closing them. So a port scan reports closed for those ports rather than stealthy.
 
Last edited:
I don't have any experience with TorGuard specifically but what they said would typically be true. What you're detecting is their servers, not yours.
 
Just as an aside, this is one of the reasons I've made the following request of Merlin, to which he has recently agreed.

https://www.snbforums.com/threads/openvpn-client-security-enhancement.56328/

I don't fully trust the VPN provider. And it's hard to tell if in fact the ports are only open to his end of the tunnel. I assume that's the case, but you can't be 100% sure. So I've requested that we at least make sure our end of the tunnel is completely secured.
 
I am running open client vpn using TorGuard on a new rt Ac86u router with 384.11-2. I ran nmap online port scan
and it shows tcp 22,80 and 443 as open.

I spoke to TorGuard support and they said “
Yes those are forwarded on vpn server for connection to vpn, it is not forwarded to you.”

I just want to check with the experts to see if this is normal and true
Thanks
Sound like the same misunderstanding I had. Here is the likely reason for what you are seeing.
https://www.snbforums.com/threads/s...ted-ac-68u-merlin-380-68_4.43791/#post-371687
You might want to read the entire (short) thread.
https://www.snbforums.com/threads/server-ports-open-not-wanted-ac-68u-merlin-380-68_4.43791/
 
Thank you all for your replies and especially the links explaining the issue. I believe I understand the issue now
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top