- Client is Windows 8.
- Modem/Router is 2Wire 2701HG-G from Bell Canada.
- Server (Amahi) runs on Ubuntu 12.04
A bit of history:
I first tried OpenVPN the UDP way. Mostly works, which should mean that port forwarding is successful and that server and client can talk to eachother:
1- "OpenVPN Tester" (in control panel) tells me everything is fine.
2- I actually can connect to the server, but.. from my own network (the "A" icon of the HDAconnect application turns green and tooltip/popup text shows IP) -- which, presumably should be impossible... or should it ???
3- However, I can't connect using HDAConnect from 2 other test networks I tried (college network + a nearby library).
So... I tried the advices on https://wiki.amahi.org/index.php/VPN_troubleshooting.
I tried using TCP on port 443. However, the OpenVPN won't even start ! If I specify port 443, it just stops.
Please note that:
- on the router, port 443 has been forwarded
- port 1194, TCP (or,before, UDP), does "work" : OpenVPN server (re)starts normally.
TCP 443 Config goes like this :
Server side
my openvpn.conf (server side) looks like this
Code: Select all
port 443
proto tcp
;dev tap
dev tun
ca /etc/openvpn/amahi/ca.crt
cert /etc/openvpn/amahi/server.crt
(The remaining is exactly like the original file. So I basically changed the port number + the protocol, as described in the troubleshooter.)
Client
my HomeHDA.ovpn file looks like this :
Code: Select all
client
dev tun
proto tcp
remote [....removed...] 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert homehda.crt
key homehda.key
comp-lzo
verb 3
auth-user-pass
route-method exe
route-delay 2
As I said earlier... I forwarded TCP port 443
=====
I'm not sure what to do next.
Questions:
- Should I persist trying with TCP 443 (or even UDP 1194) ? How can I make the OpenVpn server start normally when config specifies port 443 ?
Removing the port 443 specification and leaving "proto TCP" allows OpenVPN to start normally, but I can't connect from the client, and the control panel "OpenVPN tester" says that the server is not enabled.
It could be a problem with my router and port 443. I tried turning all security features off but then I couldn't reach the dashboard from the server... I must say I didn't try very long as I put the router back as it was, restarted it and restarted the server... It's back to normal now.
- I haven't tried connecting from an external network with TCP 1194. Could that work ? (When I try the "OpenVPN Tester", it seems to like it... and I can connect internally, from my own network..!! which, from what I've read should be impossible... maybe that's where the problem lies...)