OpenVPN seems to cause no stealth on ports 22, 80, 443

This forum is for general conversation and user-user networking.

Moderators: TinCanTech

tscv11
OpenVpn Newbie
Posts: 3
Joined: Mon Feb 27, 2012 3:49 am

OpenVPN seems to cause no stealth on ports 22, 80, 443

Post by tscv11 » Mon Feb 27, 2012 4:16 am

note: when i refer to "stealth" my information comes from the "Shields Up!" test on the GRC website (https://www.grc.com/x/ne.dll?bh0bkyd2).

i use a VPN service with many servers in many countries. the only time that stealth for ports 22, 80 and 443 is achieved is when i turn off the OpenVPN service, but that wasn't clear to me in the beginning.

at first i thought the problem might have something to do with my firewall. for the record here's what i tried with Comodo Firewall:

when my IP changed i tried selecting (in Comodo) "I am home" or "I am at work" or "I'm in public" but stealth status remained elusive. i went to "Stealth Ports Wizard" and tried "Define trusted network and make my ports stealth..." (with various choices for "trusted zones" such as "loopback" or "home #1", or the beginning IP and subnet mask provided by ipconfig). i've also tried "Block all my ports and make them stealth for everyone." which worked no better.

it seems i've tried just about everything regarding the firewall. what's worse, i get the same problem with every firewall i've tried, including zone alarm. i've tried posting this in the Comodo forums but 750 readers so far and not one person has replied.

it seems to me that the OpenVPN software may be at the core of this problem because any time i deactivate it the ports go back to stealth mode. surely this can't be the way it's supposed to be?

is there anything i can do about this?

specifics:

dell inspiron laptop
comodo free firewall 5.9.221
windows 7 home premium sp1 64 bit

thanks

krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: OpenVPN seems to cause no stealth on ports 22, 80, 443

Post by krzee » Tue Feb 28, 2012 1:53 pm

when you tunnel through openvpn it sees you as coming from your vpn server, which must have ports 22, 80 and 443 open.
close them on your vpn server, or accept it as a byproduct of tunneling.

tscv11
OpenVpn Newbie
Posts: 3
Joined: Mon Feb 27, 2012 3:49 am

Re: OpenVPN seems to cause no stealth on ports 22, 80, 443

Post by tscv11 » Tue Feb 28, 2012 3:58 pm

krzee wrote: when you tunnel through openvpn it sees you as coming from your vpn server, which must have ports 22, 80 and 443 open. close them on your vpn server, or accept it as a byproduct of tunneling.

thank you very much for that information. i located the file called "openvpnserv.exe" and wrestled with it a little using the command prompt. unfortunately i saw no mention of port configuration, so now i'm wondering - since i'm no expert on these things, would you mind giving me a quick run down on how to accomplish stealth status for ports (22, 80, and 443), with stealth meaning the ports are closed and not responding to any inbound probes or other traffic?

thanks for your time :D

krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: OpenVPN seems to cause no stealth on ports 22, 80, 443

Post by krzee » Wed Feb 29, 2012 9:35 am

you misunderstand
the computer that is running the vpn server is also running other services, and THOSE are the ones that are open.
port 443 = ssl webserver
port 80 = webserver
port 22 = ssh server

this has nothing to do with your vpn except that you happen to be tunneling through another machine which has open ports.

tscv11
OpenVpn Newbie
Posts: 3
Joined: Mon Feb 27, 2012 3:49 am

Re: OpenVPN seems to cause no stealth on ports 22, 80, 443

Post by tscv11 » Wed Feb 29, 2012 11:18 pm

ahhh. so it's not my computer that's vulnerable, it's the server! seems strange to me that the Shields Up! service has been reading the ports of a different machine instead of mine, but i guess that's just how it works with a VPN. thank you very much for clearing this up for me, i was working on it for days!

cheers
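
Added example, not part of the original thread: one way to check from the client side which machine an external port scan actually describes, by comparing the address the scanner probed with the client's own adapter addresses and listing any local listeners on ports 22, 80 and 443. The `netstat -ano -p TCP` text, the adapter addresses and the scanned address are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

PORTS = {22, 80, 443}

# Constructed sample of `netstat -ano -p TCP` output from the client laptop.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    10.8.0.6:139           0.0.0.0:0              LISTENING       4
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3120
"""
LOCAL_ADDRS = ["192.168.1.20", "10.8.0.6"]  # constructed: LAN and tunnel adapters
SCANNED_IP = "203.0.113.10"                 # constructed: address the scanner probed


def local_listeners(netstat_text, ports=PORTS):
    """Return (address, port, pid) for each LISTENING TCP socket on `ports`."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Skip headers and non-listening rows; an ESTABLISHED connection *to*
        # a remote port 443 is outbound traffic, not an open local port.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        addr, _, port = fields[1].rpartition(":")
        if port.isdigit() and int(port) in ports:
            found.append((addr.strip("[]"), int(port), int(fields[4])))
    return found


def scan_hit_this_host(scanned_ip, local_addrs):
    """True only if the probed address is assigned to one of this host's adapters."""
    target = ipaddress.ip_address(scanned_ip)
    return any(target == ipaddress.ip_address(a) for a in local_addrs)


def attribute_open_ports(scanned_ip, local_addrs, netstat_text):
    """Say whose ports the scan describes, plus any local listeners on PORTS."""
    owner = "local" if scan_hit_this_host(scanned_ip, local_addrs) else "remote"
    return owner, local_listeners(netstat_text)


if __name__ == "__main__":
    # "remote" with no local listeners: the open ports belong to the probed
    # machine (here the VPN server), not to this laptop.
    print(attribute_open_ports(SCANNED_IP, LOCAL_ADDRS, NETSTAT))
```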
