I have installed OpenVPN Access Server on an Ubuntu VPS.
On my VPS I have UFW (Ubuntu Firewall) running. I did NOT add any rules in UFW to allow port 943.
Still I can open the OpenVPN Access Server login and admin page on port 943.
Doing a port scan on my external IP and port 943 gives me the green color: open.
How is that possible?
Is there something I'm missing?
I'm pretty new to Linux in general. But I thought UFW handled all my firewall traffic...
Port 943 open by default?
- OpenVpn Newbie
- Posts: 4
- Joined: Wed Mar 15, 2017 7:20 pm
Re: Port 943 open by default?
I just noticed that both the UDP and TCP ports I have chosen in my config are open as well, without adding them to the UFW firewall.
Is this normal behaviour?
- novaflash
- OpenVPN Inc.
- Posts: 1073
- Joined: Fri Apr 13, 2012 8:43 pm
Re: Port 943 open by default?
Without these ports open, obviously the Access Server cannot function. The reason UFW doesn't do anything about this is probably because Access Server works with iptables, and UFW probably does too. The rules are probably in conflict and one is winning over the other.
If you want to keep things secure I would recommend placing the Access Server on an internal network, with a separate firewall system between the internal network and the Internet. Then there is no way any conflicts in iptables can occur and you have a better separation of program and function.
I'm still alive, just posting under the openvpn_inc alias now as part of a larger group.
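When two tools write to the same iptables filter table, as the reply above suggests, the packet is decided by whichever matching rule comes first in evaluation order. The following is an added example, not from the thread or from OpenVPN: it walks an `iptables-save` dump and reports which chain decides a given port. The ruleset is constructed, `APP_INPUT` is a hypothetical chain name, and only `-p` and `--dport` matches are modelled.

```python
import shlex

# Constructed iptables-save ruleset; APP_INPUT is a hypothetical application chain.
SAMPLE = """\
*filter
:INPUT DROP [0:0]
:APP_INPUT - [0:0]
:ufw-before-input - [0:0]
:ufw-user-input - [0:0]
-A INPUT -j APP_INPUT
-A INPUT -j ufw-before-input
-A INPUT -j ufw-user-input
-A APP_INPUT -p tcp -m tcp --dport 943 -j ACCEPT
-A ufw-before-input -i lo -j ACCEPT
-A ufw-user-input -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
"""
MODELLED = {"-p", "-m", "--dport", "-j"}  # assumption: other matches are not evaluated

def parse(text):
    policies, chains = {}, {}  # chain name -> policy, chain name -> ordered rules
    for line in text.splitlines():
        if line.startswith(":"):
            name, policy = line[1:].split()[:2]
            policies[name] = policy
            chains.setdefault(name, [])
        elif line.startswith("-A "):
            tokens = shlex.split(line)
            chains.setdefault(tokens[1], []).append(tokens[2:])
    return policies, chains

def matches(rule, proto, port):
    opts = dict(zip(rule[0::2], rule[1::2]))
    if set(opts) - MODELLED:
        return False  # e.g. "-i lo": treated as not applying to outside traffic
    return opts.get("-p", proto) == proto and opts.get("--dport", str(port)) == str(port)

def first_verdict(policies, chains, proto, port, chain="INPUT", path=()):
    path += (chain,)  # chains traversed so far, in evaluation order
    for rule in (r for r in chains.get(chain, []) if matches(r, proto, port)):
        target = rule[rule.index("-j") + 1] if "-j" in rule else None
        if target in ("ACCEPT", "DROP", "REJECT"):
            return target, path  # first terminal rule wins
        if target == "RETURN":
            break
        hit = first_verdict(policies, chains, proto, port, target, path) if target in chains else None
        if hit:
            return hit
    return (policies[chain], path + ("<policy>",)) if len(path) == 1 else None
```

On a real host, pass the output of `sudo iptables-save` to `parse()` and check each listening port; a verdict reached before any `ufw-` chain appears in the path means UFW's rules never saw the packet.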