How do I add a port exception to an OpenVPN connection?
up vote
0
down vote
favorite
I want port 22 to remain untouched as I believe it to be secure enough for my purposes and I'd like to use it to sync files.
ssh openvpn
asked 2 days ago
NonYaBidnezz
226
add a comment |
up vote
0
down vote
favorite
I want port 22 to remain untouched as I believe it to be secure enough for my purposes and I'd like to use it to sync files.
ssh openvpn
asked 2 days ago
NonYaBidnezz
226
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I want port 22 to remain untouched as I believe it to be secure enough for my purposes and I'd like to use it to sync files.
ssh openvpn
asked 2 days ago
NonYaBidnezz
226
I want port 22 to remain untouched as I believe it to be secure enough for my purposes and I'd like to use it to sync files.
ssh openvpn
ssh openvpn
asked 2 days ago
NonYaBidnezz
226
asked 2 days ago
NonYaBidnezz
226
asked 2 days ago
NonYaBidnezz
226
asked 2 days ago
NonYaBidnezz
226
asked 2 days ago
NonYaBidnezz
226
226
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago
add a comment |
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago
add a comment |
1 Answer
1
active
oldest
votes
up vote
0
down vote
In short there's two ways to accomplish this.
Over VPN
In this case, your VPN provider has to allow incoming traffic to port 22 on your VPN link, or you have to set up SSH to use an port that allows incoming traffic. How to do this differs from provider to provider, but most do tend to use RFC1918-addressing with optional port forwarding. In case of port forwarding you typically don't get to pick the port.
Bypassing VPN
You can't create routes that involves port numbers, but that should not be necessary.
Simply make sure that you still have a valid route to reach the host you're trying to reach outside of the VPN route. This can be a /32, i.e. a route only to the host you're sshing from.
In addition, if you have set up a firewall, you must allow ssh on that interface.
Without any more detailed configuration from you, this is the answer that's possible to give. You'll have to fill in the details yourself.
answered yesterday
vidarlo
7,99042341
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
In short there's two ways to accomplish this.
Over VPN
In this case, your VPN provider has to allow incoming traffic to port 22 on your VPN link, or you have to set up SSH to use an port that allows incoming traffic. How to do this differs from provider to provider, but most do tend to use RFC1918-addressing with optional port forwarding. In case of port forwarding you typically don't get to pick the port.
Bypassing VPN
You can't create routes that involves port numbers, but that should not be necessary.
Simply make sure that you still have a valid route to reach the host you're trying to reach outside of the VPN route. This can be a /32, i.e. a route only to the host you're sshing from.
In addition, if you have set up a firewall, you must allow ssh on that interface.
Without any more detailed configuration from you, this is the answer that's possible to give. You'll have to fill in the details yourself.
answered yesterday
vidarlo
7,99042341
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
add a comment |
up vote
0
down vote
In short there's two ways to accomplish this.
Over VPN
In this case, your VPN provider has to allow incoming traffic to port 22 on your VPN link, or you have to set up SSH to use an port that allows incoming traffic. How to do this differs from provider to provider, but most do tend to use RFC1918-addressing with optional port forwarding. In case of port forwarding you typically don't get to pick the port.
Bypassing VPN
You can't create routes that involves port numbers, but that should not be necessary.
Simply make sure that you still have a valid route to reach the host you're trying to reach outside of the VPN route. This can be a /32, i.e. a route only to the host you're sshing from.
In addition, if you have set up a firewall, you must allow ssh on that interface.
Without any more detailed configuration from you, this is the answer that's possible to give. You'll have to fill in the details yourself.
answered yesterday
vidarlo
7,99042341
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
add a comment |
up vote
0
down vote
up vote
0
down vote
In short there's two ways to accomplish this.
Over VPN
In this case, your VPN provider has to allow incoming traffic to port 22 on your VPN link, or you have to set up SSH to use an port that allows incoming traffic. How to do this differs from provider to provider, but most do tend to use RFC1918-addressing with optional port forwarding. In case of port forwarding you typically don't get to pick the port.
Bypassing VPN
You can't create routes that involves port numbers, but that should not be necessary.
Simply make sure that you still have a valid route to reach the host you're trying to reach outside of the VPN route. This can be a /32, i.e. a route only to the host you're sshing from.
In addition, if you have set up a firewall, you must allow ssh on that interface.
Without any more detailed configuration from you, this is the answer that's possible to give. You'll have to fill in the details yourself.
answered yesterday
vidarlo
7,99042341
In short there's two ways to accomplish this.
Over VPN
In this case, your VPN provider has to allow incoming traffic to port 22 on your VPN link, or you have to set up SSH to use an port that allows incoming traffic. How to do this differs from provider to provider, but most do tend to use RFC1918-addressing with optional port forwarding. In case of port forwarding you typically don't get to pick the port.
Bypassing VPN
You can't create routes that involves port numbers, but that should not be necessary.
Simply make sure that you still have a valid route to reach the host you're trying to reach outside of the VPN route. This can be a /32, i.e. a route only to the host you're sshing from.
In addition, if you have set up a firewall, you must allow ssh on that interface.
Without any more detailed configuration from you, this is the answer that's possible to give. You'll have to fill in the details yourself.
answered yesterday
vidarlo
7,99042341
answered yesterday
vidarlo
7,99042341
answered yesterday
vidarlo
7,99042341
answered yesterday
vidarlo
7,99042341
7,99042341
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
add a comment |
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
In retrospect, I will need to bypass to prevent providing clues I don't want to provide through Dynamic DNS.
– NonYaBidnezz
yesterday
add a comment |
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1093748%2fhow-do-i-add-a-port-exception-to-an-openvpn-connection%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
What are you trying to achieve, and what is your configuration?
– vidarlo
2 days ago
I'm using protonvpn. How can I get the information that you require? Would the contents of an *.ovpn file do it?
– NonYaBidnezz
2 days ago
Redacted, of course.
– NonYaBidnezz
2 days ago
Objective is to get both my machines on OpenVpn while still being able to sync files over ssh. SSH can take place over VPN or not. VPN is actually preferred. I use dynamic DNS. I'm assuming I'll have to script an update to that on startup or something. I'll worry about that later.
– NonYaBidnezz
2 days ago