Hello!
Today I installed the OpenVPN Access server on CentOS 8 using the offical install guide.
The installation went fine, but there is one problem: The OpenVPN access server does not listen to 443. So I'm not able to retrieve the configuration files on my mobile or clients.
I did literally nothing except running the script /usr/local/openvpn_as/bin/ovpn_init where I used the default values.
You can verify the non-existance of the port 443 by netstat:
I did the portforwarding approprietly, since I tested it with the httpd-daemon. But I'm not running httpd with OpenVPN AS simultaneously!
Furthermore, I checked the web settings regarding the "Web Service forwading", which is set to "Yes" - so the OpenVPN AS should open the 443 socket ...
Do you have any idea what's wrong with my setup?
Kind regards,
Michael
OpenVPN Access Server - Not listening on 443
-
- OpenVpn Newbie
- Posts: 1
- Joined: Fri Dec 20, 2019 6:11 pm
-
- OpenVpn Newbie
- Posts: 2
- Joined: Mon Mar 23, 2020 12:52 am
Re: OpenVPN Access Server - Not listening on 443
Hi Michael,
OpenVPN-AS actually does this by port forwarding tcp/443 to an instance running on another port.
You can see the iptables rules responsible for this here:
It's worth running those commands first to determine if the counters are incrementing for traffic being punted to the openvpn-openssl process.
OpenVPN-AS actually does this by port forwarding tcp/443 to an instance running on another port.
You can see the iptables rules responsible for this here:
Code: Select all
sudo iptables -L PREROUTING -t nat -v -n
Chain PREROUTING (policy ACCEPT 347 packets, 33112 bytes)
pkts bytes target prot opt in out source destination
136 9520 AS0_DPFWD_UDP udp -- * * 0.0.0.0/0 X.X.X.X udp dpt:1194 state NEW
20 1088 AS0_DPFWD_TCP tcp -- * * 0.0.0.0/0 X.X.X.X tcp dpt:443 state NEW
sudo iptables -L AS0_DPFWD_TCP -t nat -v -n
Chain AS0_DPFWD_TCP (1 references)
pkts bytes target prot opt in out source destination
7 424 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 to:X.X.X.X:914
sudo ss -antp | grep 914
LISTEN 0 1 X.X.X.X:914 *:* users:(("openvpn-openssl",pid=21010,fd=5))