OpenVPN: Change the default TCP/UDP Ports

Hi,

sometimes it make sense to change the default ports of an OpenVPN installation, because these are those which are in case of an vulnerability scan attacked first or some company firewall rules makes it necessary.

With the

port 1194

directive in your config file the source and destination port for connections is always 1194.

For outgoing connections there are two ways to alter the source port:

A static source port

lport 12394

or the source port can be allocated dynamically by the IP stack. Then add

nobind

to your config.
Note: This option requires an connection initiated by the remote option.

The destination port can, of course, also be changed:
Append it to the remote option

remote openvpn.yourdomain.local 12394

or define it by the

rport 12394

parameter.

Michael

Leave a Reply