OpenVPN Support Forum

I have installed OpenVPN Access Server on an Ubuntu VPS.
On my VPS I have UFW (Ubuntu Firewall) running. I did NOT add any rules in UFW to allow port 943.
Still I can open the OpenVPN Access Server login and admin page on port 943.
Doing a port scan on my external IP and port 943 gives me the green color: open.

How is that possible?
Is there something I'm missing?

I'm pretty new to Linux in general. But I though UFW handled all my firewall traffic...

I just noticed that both the UDP and TCP ports I have chosen in my config are open as well. Without adding them to the UFW firewall.

Is this normal behaviour?

Without these ports open, obviously the Access Server cannot function. The reason UFW doesn't do anything about this is probably because Access Server works with iptables, and UFW probably does too. The rules are probably in conflict and one is winning over the other.

If you want to keep things secure I would recommend placing the Access Server on an internal network, with a separate firewall system between the internal network and the Internet. Then there is no way any conflicts in iptables can occur and you have a better separation of program and function.