Not all ports are working

Post Reply
network_buddy
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 10, 2017 10:30 am

Not all ports are working

Post by network_buddy » Mon Feb 12, 2018 12:57 pm

Hi guys,

I set up a OpenVPN AS on my Ubuntu Server with NAT and all traffic through the VPN. Tunnel builds up very fine and port 80 and 443 are working very well, but all other traffic on orts not 80 and 443 will get a timeout.
For example: I have another Linux Server with a Seafile on it. Seafile has two different ports, on is for WebGUI (80) and another one for DATA (8023 something like this). In this config I can only access the WebGui on 80 but I am not able to transfer data on 8023 nor accessing the Linuxserver via SSH.
Can anyone help putting my nose on the mistake I did during configuration?

novaflash
I should be on the dev team.
Posts: 546
Joined: Fri Apr 13, 2012 8:43 pm

Re: Not all ports are working

Post by novaflash » Mon Feb 12, 2018 1:02 pm

Sounds to me like a firewall or proxy server in the way to be honest, or some other strange configuration mistake.

In the network where your access server is, can you access those ports?

network_buddy
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 10, 2017 10:30 am

Re: Not all ports are working

Post by network_buddy » Mon Feb 12, 2018 1:14 pm

Yes, within the network there is no problem accessing all servers on all ports. So there is no firewall between the VPN Gateway and the LAN yet.

novaflash
I should be on the dev team.
Posts: 546
Joined: Fri Apr 13, 2012 8:43 pm

Re: Not all ports are working

Post by novaflash » Mon Feb 12, 2018 7:53 pm

I would suggest running tcpdump and monitoring specific ports, see if the traffic even gets to the Access Server at all. If it doesn't, it's a local firewall on the VPN client itself or some weird proxy server setting redirecting only port 80 and port 443 somewhere, but blocking the rest.

Give this guide a read:
https://docs.openvpn.net/troubleshootin ... pn-tunnel/

network_buddy
OpenVpn Newbie
Posts: 6
Joined: Fri Nov 10, 2017 10:30 am

Re: Not all ports are working

Post by network_buddy » Tue Feb 13, 2018 11:09 am

OK so there is nothing like portforwarding or firewall on the AS itself? I was afraid I have missed that config menu. Now I have to find out a TCP dump of a connection not working when not beeing in the local network where it might work.

novaflash
I should be on the dev team.
Posts: 546
Joined: Fri Apr 13, 2012 8:43 pm

Re: Not all ports are working

Post by novaflash » Tue Feb 13, 2018 11:45 am

Access Server does work like a firewall and it does have port forwarding functions, but you would have to do very specific things to activate those, like specify in a group access control something like 123.45.67.89:tcp/80 to only allow that port through, but then you would know you had done such a thing.

Default settings, if you allow an IP through, it allows all the ports through to that IP.

It's possible of course if you install UFW or some other firewall system that that is the problem. But I'd run tcpdump to see what happens anyways.

Post Reply