[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVpn and NAT.

  • Subject: Re: [Openvpn-users] OpenVpn and NAT.
  • From: Agostino Maurotto <maurotto.agostino@xxxxxxxxxx>
  • Date: Tue, 17 Jul 2007 20:15:05 +0200

>NAT isn't a problem for OpenVPN assuming the encapsulated traffic can
>flow between the 2 peers.  Some networks choose to use more restrictive
>firewalls that block a lot of arbitrary ports for outbound traffic,
>particularly UDP ports since traffic patterns and content can be harder
>to identify with this protocol.  I would check to see if your initial
>packets are even arriving on the server since they might be blocked
>before they leave the client's firewall.  If that's the case, you can
>try more standard UDP ports (eg: DNS) or switch to a common TCP port,
>such as port 443 (which is often a popular choice since many firewalls
>have rules to allow outbound https traffic.)  If the initial packet does
>arrive on the server, insure that the server's reply reaches your client.

>As a side note, many universities have policies in place against remote
>access to the network except using authorized methods.  Please be aware
>of any regulations that apply to you since network staff will often
>follow-up on suspicious traffic.

Hello and thanks for answering,
actually seems only some ports are blocked for outbound..
for example irc, msn, and some others..
i've been able to use torrent with no much efforts.
I will try other udp ports or tcp ones, even if port 442 TCP failed to reach me.
i am trying to play with netstat to be sure the packets arrive in both places
but i still need to find out the optimal command for checking it...
The computers i'm trying to access are not on the main university network
but they are only the "measurement" room subnet which is isolated from the main network
that's why they granted me permission so easily :D

Openvpn-users mailing list