Re: [Openvpn-users] port-share with

  Subject: Re: [Openvpn-users] port-share with
  From: Colin Ryan
  Date: Sat, 27 Oct 2007 13:27:31 -0400

What I'm trying to do is to make two resources available, OpenVPN and a 
Secure Web Server, accessible from the same single forwarding of port 443 
through a firewall. Which seems to be what you are doing as well. It 
would not matter if the two services were on separate machines or not, 
the idea is that only 1 externally facing port and IP pairing is used. 
To me your description of what you are using it for is in all practical 
cases not different than mine.
> would work though, if the other server is another server (or, i guess, 
> another interface on the same server where your application doesn't 
> listen already [address binding...]).
> that's the way i'm using it here - it helps me to alleviate the 
> scarcity of ip4 addresses; i accept an openvpn connection on my 
> (externally visible) frontend (443) or pass it on to a backend 
> (privateaddress:443).
>> In the spirit of your letter of the word interpretation of 
>> the man page "proxy" to me means more than a redirect but.....
This sounds all right "remembering connections", and "responses to right 
outbound connection", but in what I'm seeing it simply redirects the web 
client to the port-share targets, which ultimately must be directly 
accessible for public IP's and port forwardings/NAT etc.
> i think you are right - it's no more than a passing on to the right 
> target (and remembering both connections), and passing the target's 
> responses to the right outbound connection.
> at least that's the way i imagine it to work, more or less; having 
> not read the code, i could be totally wrong, of course with my 
> speculations.
Again, I don't have to have both applications running on 443 but I do 
wish to have to only have 1 external port available on 1 external IP 
address and have access to both the web and ovpn service.
> are you trying to accommodate both an openvpn server and an application 
> on the same machine, with one interface address only, 'sharing' 443?
> i would not expect this to work.
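
The behaviour the quoted reply describes (pass a non-OpenVPN connection on to the target and relay the target's responses back on the same client connection) can be sketched as follows. This is an added example, not part of either poster's message and not OpenVPN's own code; `looks_like_openvpn`, `pump`, `share_port`, `open_backend` and `vpn_handler` are hypothetical names, and the first-packet check is a simplified assumption about OpenVPN's TCP framing.

```python
import socket
import threading

# Assumption: simplified first-packet check. OpenVPN over TCP prefixes each
# packet with a 2-byte big-endian length; the next byte carries the opcode in
# its top 5 bits, and a new client session opens with
# P_CONTROL_HARD_RESET_CLIENT_V2 (opcode 7, at least 14 bytes long).
HARD_RESET_CLIENT_V2 = 7
OPCODE_SHIFT = 3


def looks_like_openvpn(first: bytes) -> bool:
    if len(first) < 3:
        return False  # too short to judge; treated as "other" in this sketch
    length = int.from_bytes(first[:2], "big")
    return length >= 14 and first[2] >> OPCODE_SHIFT == HARD_RESET_CLIENT_V2


def pump(src, dst):
    """Copy bytes one way until src closes, then half-close dst."""
    try:
        while chunk := src.recv(4096):
            dst.sendall(chunk)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass  # peer went away; nothing more to relay


def share_port(client, open_backend, vpn_handler):
    """Handle one accepted connection on the single public port."""
    first = client.recv(4096)
    if looks_like_openvpn(first):
        vpn_handler(client, first)  # stays with the VPN server
        return "openvpn"
    # The proxy dials the backend itself, so the backend only has to be
    # reachable from the proxy host (e.g. a private address), and the client
    # keeps talking to the one public IP and port throughout.
    backend = open_backend()
    backend.sendall(first)  # replay the bytes already consumed
    back = threading.Thread(target=pump, args=(backend, client), daemon=True)
    back.start()
    pump(client, backend)
    back.join()
    return "proxied"
```

In a real listener, `open_backend` would be something like `lambda: socket.create_connection((private_addr, 443))`, with `private_addr` being the internal web server's address.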

