Open ports on open client vpn

Discussion in 'Asuswrt-Merlin' started by bobpow, May 20, 2019.

  1. bobpow

    bobpow Regular Contributor

    Joined:
    Feb 20, 2014
    Messages:
    55
    Location:
    New York
    I am running open client vpn using TorGuard on a new RT-AC86U router with 384.11-2. I ran an nmap online port scan and it shows TCP 22, 80 and 443 as open.

    I spoke to TorGuard support and they said “Yes those are forwarded on vpn server for connection to vpn, it is not forwarded to you.”

    I just want to check with the experts to see if this is normal and true.
    Thanks
     
  2. eibgrad

    eibgrad Regular Contributor

    Joined:
    Feb 20, 2017
    Messages:
    193
    I can't speak to whether that specific VPN provider opens ports on their end of the tunnel. But normally, the VPN provider has their end of the tunnel firewall'd to protect you from unsolicited inbound traffic. Not unless they provide a port forwarding service (some do, most don't) so you can remotely access your network over the VPN.

    It is possible (if a bit unusual) they reserve certain ports for their own use, and port forward them to their own internal devices, NOT your end of the tunnel. I assume that's what they meant. As a result, you can get false positives sometimes w/ these online port scans, because what you're seeing is the results of hitting the provider's firewall, NOT your firewall.

    I've had the same thing happen when using GRC's Shields Up. I expect all my ports to be stealthy because my own firewall (over the WAN) drops all unsolicited inbound packets. But my ISP's firewall is blocking access to specific inbound ports by closing them. So a port scan reports closed for those ports rather than stealthy.
     
    Last edited: May 20, 2019
    bobpow likes this.
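
An added example, not part of any post in this thread: a small Python check that classifies a TCP port as open, closed or stealth (the three states discussed above) and says whose firewall an online scan describes, by comparing the address the scan site saw with the router's WAN address. The function names `probe` and `attribute` are hypothetical, and the IP addresses are constructed values from the documentation ranges.

```python
import ipaddress
import socket


def probe(host, port, timeout=2.0):
    """Classify one TCP port the way online scanners report it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"          # a RST came back: reachable, nothing listening
    except socket.timeout:
        return "stealth"         # no answer at all: packets silently dropped
    except OSError:
        return "unreachable"     # e.g. no route to the host


def attribute(scanned_ip, wan_ip):
    """Say whose firewall an online scan of scanned_ip actually describes."""
    same = ipaddress.ip_address(scanned_ip) == ipaddress.ip_address(wan_ip)
    return "your router" if same else "VPN provider"


if __name__ == "__main__":
    # Constructed addresses from the documentation ranges (RFC 5737).
    seen_by_scanner = "203.0.113.10"   # address the scan site reports for you
    router_wan = "198.51.100.7"        # WAN address shown on the router
    print("scan results describe:", attribute(seen_by_scanner, router_wan))

    # Local demonstration of the states using a throwaway loopback listener.
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    print(port, probe("127.0.0.1", port))   # listener up
    srv.close()
    print(port, probe("127.0.0.1", port))   # listener gone
```

To test the router itself rather than the VPN exit, run `probe` against the router's WAN address from a host outside the LAN that does not route through the tunnel.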
  3. ColinTaylor

    ColinTaylor Part of the Furniture

    Joined:
    Mar 31, 2014
    Messages:
    8,628
    Location:
    UK
    I don't have any experience with TorGuard specifically but what they said would typically be true. What you're detecting is their servers, not yours.
     
    bobpow likes this.
  4. eibgrad

    eibgrad Regular Contributor

    Joined:
    Feb 20, 2017
    Messages:
    193
    Just as an aside, this is one of the reasons I've made the following request of Merlin, to which he has recently agreed.

    https://www.snbforums.com/threads/openvpn-client-security-enhancement.56328/

    I don't fully trust the VPN provider. And it's hard to tell if in fact the ports are only open to his end of the tunnel. I assume that's the case, but you can't be 100% sure. So I've requested that we at least make sure our end of the tunnel is completely secured.
     
    bobpow, skeal and L&LD like this.
  5. Butterfly Bones

    Butterfly Bones Very Senior Member

    Joined:
    Apr 10, 2017
    Messages:
    814
    Location:
    USA
    Sounds like the same misunderstanding I had. Here is the likely reason for what you are seeing.
    https://www.snbforums.com/threads/s...ted-ac-68u-merlin-380-68_4.43791/#post-371687
    You might want to read the entire (short) thread.
    https://www.snbforums.com/threads/server-ports-open-not-wanted-ac-68u-merlin-380-68_4.43791/
     
    bobpow likes this.
  6. bobpow

    bobpow Regular Contributor

    Joined:
    Feb 20, 2014
    Messages:
    55
    Location:
    New York
    Thank you all for your replies and especially the links explaining the issue. I believe I understand the issue now.
     
    L&LD and Butterfly Bones like this.