What's new

Running simultaneous instances of OpenVPN Clients using ExpressVPN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

PC Pilot

Regular Contributor
Hi to all,

Having recently installed and configured Jack Yaz's excellent YazFi to take advantage of the discrete subnet provisions offered I was able to asign a given subnet to specific devices along with an appropriate OpenVPN Client instance configured to use specified ExpressVPN remote servers to satisfy individual requirements. Unfortunately as I am very much a novice in such matters I have encountered an unforseen obstacle namely a UDP Port conflict!

Accordingly, I would very much appreciate some guidance in respect of simultaneous operation of more than one instance of configured OpenVPN clients (specifically with ExpressVPN as provider) whilst avoiding policy rule conflicts arising from the default UDP port (in this case 1195) configured through the respective OpenVPN file for each ExpressVPN remote server instance. I am aware that it is possible to configure one of the OpenVPN clients as TCP and therefore to simultaneously utilise the default TCP Port but this is limited to only one further instance and is far from optimal.

As I was unable to identify specific guidance from their web support in respect of port provision in regard to the OpenVPN settings configured under Asus Merlin I contacted their support team for advice. My query noted that whilst there was no specific guidance an article entitled "Failure to connect VPN" referred to 'granting an exception to ExpressVPN or to UDP ports 1194-1204' which I felt showed some related significance and suggested that this indicated a 'spread' of available UDP ports thus enquiring whether this was the case and also confirmation that port re-assignment was possible and if so how I should amend the OpenVPN file.

Somewhat disappointingly I received the following reply: "Sorry, but the port number of our OpenVPN server locations cannot be altered, adjusting or opening specific ports is a potential security risk, that's why it's currently not supported. When you configure ExpressVPN on your devices, the ports will be assigned automatically." I remain unclear as to why (presumably in the case of apps) that the firewall should require exceptions granting to UDP ports "1194-1204" if this range were not provided for connections?? Perhaps those more familiar with the neuances of ExpressVPN could venture an explanation!

Obviously, I have no reason to doubt the accuracy of the advice received from ExpressVPN support (although misunderstandings can and no doubt have, in the past occurred!) so I am rather hoping that the resident experts here might be able to suggest an alternate means by which the required simulataneous OpenVPN client instances can be accomplished without policy rule conflicts arising.

Thank you in advance for your assistance.

PC Pilot
 
PC Pilot, Expressvpn's support isn't stellar despite their excellent marketing hype. Like in politics, what one likes, another won't, just as the lipstick on a pig slogan. Sometimes you have to move to a better provider. Their Zendesk support is boilerplate, which is designed to seem happy and friendly. .VPN providers supposedly exist to provide customers with certain privacy and security advantages, as well as geo-hopping in certain cases. Express certainly wrings a ton of information out of it's users, and they've had other security issues in the past which can make trust hard to come by. Your post covered similar issues other former subscribers have found problematic. They stress that their router app makes it easy for subscribers to changer servers, such as a PC software client might do, but it only works with certain Asus routers. A manual OpenVPN config install works fine, but support keeps pushing their 'compatible' router list.

There are quite a few users who like them, but there are others who are turned off by the lack of informed support. If one files tickets to try to reach a different agent, the support replies may bear a different agent name but are virtually identical. The inflexible port issue is an example; other VPNs don't have the 'we can't do that because it's security risk' answer, which seems to evade rather then to assist the customer. If you can't get the help you need, be sure to follow all the steps to request a refund several days prior to the end of your first 30 days (not a calendar month).

Torguard has excellent support and many people also seem to like Nord. Hope this helps, good luck:)
 
I'm sorry, I don't understand what your problem is!

Usually the problem is you can't have multiple connections to the same server because the address range used for clients of the server is going to be the same for each connection which the provider is unlikely to be able to change and that causes routing conflicts for the clients.

It's sometimes possible to use a different provider server as sometimes a different server will use a different address range for client connections.
Also I think providers will use different address ranges for their client UDP and TCP connections because (I think) if they didn't that could cause server routing conflicts too.

You need to check the vpn connection internal IP addresses to work out if this is actually the problem your seeing.
If so there might not be much you can do about it if different servers don't use different internal connection address ranges.

Ian
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top