From what I understand, it should be enough for the server firewall to allow the following:
- TCP 80, 443
- UDP 1194
Through some trial and error I found out that when I also open up UDP ports 32768-65535, everything starts to work fine. So it seems that the server needs these ephemeral ports open for some reason? I didn't find anything about that in the documentation though, so I'm wondering if this is just a symptom of some other issue?
Thank you!