Menu
What's new
By:
Filters Better Search

VPN - test cases - client to site, site to site.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

R

RemoveByFriction

New Around Here
Dear users of forum,

Have you met with the OpenVPN configuration, which will allow you to switch automatically
conneciont from the udp tunnel to tcp?
I note that I do not mean to make that with OpenVPN Access Server.
The issue is that I would like to have such a configuration applies to restrictive firewalls.
The idea is that if it is impossible to make vpn tunel using UDP,
automatically the client try to create a connection on TCP port 443.
 
Last edited:
You can use the remote directive to define additional possible OpenVPN servers you're interested in.

Code: 
remote 199.199.199.199 udp 5353
remote 188.188.188.188 tcp 443
...

Just add it to the Custom Config field. The OpenVPN client will traverse the list, in order, until it gets a connection. If that fails, it returns to the top and tries again. Ad infinitum.

But this only works if those servers are configured w/ the same CA cert, client certs and keys, etc. Sometimes that's the case (e.g. PIA), sometimes NOT (e.g., NordVPN).
 
eibgrad said:
You can use the remote directive to define additional possible OpenVPN servers you're interested in.

Code: 
remote 199.199.199.199 udp 5353
remote 188.188.188.188 tcp 443
...

Just add it to the Custom Config field. The OpenVPN client will traverse the list, in order, until it gets a connection. If that fails, it returns to the top and tries again. Ad infinitum.

But this only works if those servers are configured w/ the same CA cert, client certs and keys, etc. Sometimes that's the case (e.g. PIA), sometimes NOT (e.g., NordVPN).
Click to expand...


I am assuming the 199.xxx.....are IP’s of the VPN servers.

Also if there are more VPN servers available (and provided that CA certs/keys/etc are the same)-could your Custom Configuration lines be modified to this?


Code: 
 remote 103.86.96.100 udp 1194
remote 103.86.96.100 tcp 443
remote 103.86.99.100 udp 1194
remote 103.86.99.100 tcp 443


Sent from my iPhone using Tapatalk
 
Additional tip.

If you add the server-poll-timeout directive to Custom Config as well, then you can control how long to wait for a response from the current remote before moving on to the next one.

Code: 
server-poll-timeout 10

In the above example, I've instructed the OpenVPN client to only wait 10 secs before moving on to the next remote. This can very handy given the OpenVPN client might wait as much as a minute (by default) before giving up on the current remote.
 
You must log in or register to reply here.

Similar threads

S
Offload OpenVPN to Raspberry Pi 5 versus using my AXE16000 for site-site?
Replies
2
Views
484
sunactive
S
johndoe85
VPN site to site with additional VPN client to hide IP
Replies
14
Views
663
johndoe85
johndoe85
F
Site To Site VPN between Debian VM and AsusWRT-Merlin router, no routes exists
Replies
2
Views
617
Freewill0592
F
B
IPv6-only site-to-site setup with Wireguard, and how to handle IPv4
Replies
1
Views
1K
drinkingbird
drinkingbird
B
VPN Director: Prioritize Site-to-Site VPN over WAN
Replies
4
Views
783
benih
B
Similar threads
Thread starter Title Forum Replies Date
gdgross Setting up VPN server (router?) for offsite access VPN 13
C Instant Guard IPsec VPN Log Showing Regular Access Attempts VPN 3
A Best way to set up vpn on router for gaming? VPN 13
M VPN for a Cruise Ship VPN 11
F Router for VPN with AES-NI VPN 8
S How to start client VPN from the CLI on tomato firmware VPN 0
Diablo99 How to build a safe VPN VPN 3
F Site To Site VPN between Debian VM and AsusWRT-Merlin router, no routes exists VPN 2
P OPNsense / Adguard / DNS & VPN questions VPN 3
6 VPN problem on remote connection. VPN 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 757 (members: 22, guests: 735)
Top