how to access openvpn outside my LAN
Clash Royale CLAN TAG#URR8PPP up vote
0
down vote
favorite
I freshely installed an OpenVpn on my machine which runs ubuntu server 18.04 LTS. I scanned my ports with nmap it seems to be my ISP filtered all ports so i'm unable to do port forwarding. Is there any way to access OpenVpn outside my LAN without port forwarding.
openvpn port-forwarding
asked May 26 at 19:00
Harrish Kumar
2415
add a comment |Â
up vote
0
down vote
favorite
I freshely installed an OpenVpn on my machine which runs ubuntu server 18.04 LTS. I scanned my ports with nmap it seems to be my ISP filtered all ports so i'm unable to do port forwarding. Is there any way to access OpenVpn outside my LAN without port forwarding.
openvpn port-forwarding
asked May 26 at 19:00
Harrish Kumar
2415
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I freshely installed an OpenVpn on my machine which runs ubuntu server 18.04 LTS. I scanned my ports with nmap it seems to be my ISP filtered all ports so i'm unable to do port forwarding. Is there any way to access OpenVpn outside my LAN without port forwarding.
openvpn port-forwarding
asked May 26 at 19:00
Harrish Kumar
2415
I freshely installed an OpenVpn on my machine which runs ubuntu server 18.04 LTS. I scanned my ports with nmap it seems to be my ISP filtered all ports so i'm unable to do port forwarding. Is there any way to access OpenVpn outside my LAN without port forwarding.
openvpn port-forwarding
asked May 26 at 19:00
Harrish Kumar
2415
asked May 26 at 19:00
Harrish Kumar
2415
asked May 26 at 19:00
Harrish Kumar
2415
asked May 26 at 19:00
Harrish Kumar
2415
2415
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23
add a comment |Â
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23
add a comment |Â
3 Answers
3
active
oldest
votes
up vote
0
down vote
You need to have a port forward from your public ip address. There is no other way how to connect from outside. Talk to your ISP regarding the port forwarding. Some ISP provide port forwarding free of charge, whereas an extra public IP address costs something.
answered May 26 at 19:16
kukulo
842416
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
add a comment |Â
up vote
0
down vote
I don't trust the method you used to determine your ISP "filters all ports so you're unable to do port forwarding". If you haven't set up port forwarding, no ports are going to be open on your IP address, which doesn't necessarily mean your ISP is doing anything.
To port forward, you need to log in to your router (most likely supplied to you by your ISP) and then Google "how to set up port forwarding on <router name/make/model>". For example, for the SuperHub 3:
https://www.google.co.uk/search?q=How+to+set+up+port+forwarding+on+the+SuperHub+3
What port(s) you forward to your Ubuntu 18.04 server to access OpenVPN will depend on how you set up OpenVPN. If you used the default OpenVPN server configuration, you'll have to forward UDP port 1994 to the IP address of your Ubuntu 18.04 server.
You can find out what port OpenVPN is running on by running:
$ sudo ss -plntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 21504 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=12))
udp UNCONN 768 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=831,fd=7))
tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=852,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=852,fd=4))
From the above it can be seen that OpenVPN is using UDP port 1194 (in this particular case).
answered May 26 at 19:48
Andy Turfer
653510
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
add a comment |Â
up vote
0
down vote
The method you used for testing your ports is not an indication that they are blocked by your ISP.
First, attach an application to listen on the port you want to test. You can do this with netcat from the repository.
$ sudo apt install netcat
Now run this command to test the port you want to verify is not being blocked by your ISP. In this example I'll use the default openvpn port 1194.
$ netcat -l 1194
There are a number of ways that you can test it. You can test it with this website IP address from your phone with wifi turned off so that you will be coming from the outside.
http://yourpublicipaddess:1194
When you access it from the web you will see activity on your screen when the web browser queries it.
You can also use a web tool such as Open Port Check.
Answer the prompt for the port you want to check, then click the Check Port button.
You can use this command to see which ports you have opened (you have a service connected to):
$ netstat -tulnp | grep "LISTEN"
The output will include something similar to this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1729 0.0.0.0:* LISTEN -
tcp 1 0 0.0.0.0:1194 0.0.0.0:* LISTEN 5454/netcat
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 3851/adb
tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 4884/chrome
Be sure to use your router's manual for its proper port forwarding configuration.
A quick method to have all traffic directed to your local computer's IP (something for a quick test... could be a serious security issue if left on)
Temporarily turn on Application and Gaming DMZ. Then run the port test described above.
You have those options for having access to your LAN from the outside. If those fail, you would have to communicate with your ISP to unblock the ports you want to use.
Note:
It might be something that happens at times, but I have never seen it, and can't imagine an ISP blocking all ports to their clients. They may block some ports such as port 25 to protect their clients from virus vulnerabilities. Some also block ports that are commonly used for heavy traffic file sharing (often used for pirating software). They often block port 80 to prevent their customers from running heavy traffic web servers. I kind of gave you the wrong port to test in the comments.
You shouldn't find any problems finding an unblocked port using the method above.
answered May 27 at 13:44
L. D. James
17.3k43077
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
You need to have a port forward from your public ip address. There is no other way how to connect from outside. Talk to your ISP regarding the port forwarding. Some ISP provide port forwarding free of charge, whereas an extra public IP address costs something.
answered May 26 at 19:16
kukulo
842416
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
add a comment |Â
up vote
0
down vote
You need to have a port forward from your public ip address. There is no other way how to connect from outside. Talk to your ISP regarding the port forwarding. Some ISP provide port forwarding free of charge, whereas an extra public IP address costs something.
answered May 26 at 19:16
kukulo
842416
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
add a comment |Â
up vote
0
down vote
up vote
0
down vote
You need to have a port forward from your public ip address. There is no other way how to connect from outside. Talk to your ISP regarding the port forwarding. Some ISP provide port forwarding free of charge, whereas an extra public IP address costs something.
answered May 26 at 19:16
kukulo
842416
You need to have a port forward from your public ip address. There is no other way how to connect from outside. Talk to your ISP regarding the port forwarding. Some ISP provide port forwarding free of charge, whereas an extra public IP address costs something.
answered May 26 at 19:16
kukulo
842416
answered May 26 at 19:16
kukulo
842416
answered May 26 at 19:16
kukulo
842416
answered May 26 at 19:16
kukulo
842416
842416
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
add a comment |Â
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
I know i have to do port forwarding, already know that but i need alternate solution if it exists.
– Harrish Kumar
May 26 at 19:32
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
If your ISP blocks incoming traffic to all ports, then switch ISPs. That's about the only alternative you'll have if that's the case. Actually, there is another possibility - reverse SSH port forwarding with some fancy routing rules and/or dynamic port fowarding. Using reverse tunneling and/or dynamic forwarding will require another server on the Internet that does not have any port restrictions.
– Andy Turfer
May 26 at 20:10
add a comment |Â
up vote
0
down vote
I don't trust the method you used to determine your ISP "filters all ports so you're unable to do port forwarding". If you haven't set up port forwarding, no ports are going to be open on your IP address, which doesn't necessarily mean your ISP is doing anything.
To port forward, you need to log in to your router (most likely supplied to you by your ISP) and then Google "how to set up port forwarding on <router name/make/model>". For example, for the SuperHub 3:
https://www.google.co.uk/search?q=How+to+set+up+port+forwarding+on+the+SuperHub+3
What port(s) you forward to your Ubuntu 18.04 server to access OpenVPN will depend on how you set up OpenVPN. If you used the default OpenVPN server configuration, you'll have to forward UDP port 1994 to the IP address of your Ubuntu 18.04 server.
You can find out what port OpenVPN is running on by running:
$ sudo ss -plntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 21504 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=12))
udp UNCONN 768 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=831,fd=7))
tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=852,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=852,fd=4))
From the above it can be seen that OpenVPN is using UDP port 1194 (in this particular case).
answered May 26 at 19:48
Andy Turfer
653510
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
add a comment |Â
up vote
0
down vote
I don't trust the method you used to determine your ISP "filters all ports so you're unable to do port forwarding". If you haven't set up port forwarding, no ports are going to be open on your IP address, which doesn't necessarily mean your ISP is doing anything.
To port forward, you need to log in to your router (most likely supplied to you by your ISP) and then Google "how to set up port forwarding on <router name/make/model>". For example, for the SuperHub 3:
https://www.google.co.uk/search?q=How+to+set+up+port+forwarding+on+the+SuperHub+3
What port(s) you forward to your Ubuntu 18.04 server to access OpenVPN will depend on how you set up OpenVPN. If you used the default OpenVPN server configuration, you'll have to forward UDP port 1994 to the IP address of your Ubuntu 18.04 server.
You can find out what port OpenVPN is running on by running:
$ sudo ss -plntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 21504 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=12))
udp UNCONN 768 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=831,fd=7))
tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=852,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=852,fd=4))
From the above it can be seen that OpenVPN is using UDP port 1194 (in this particular case).
answered May 26 at 19:48
Andy Turfer
653510
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I don't trust the method you used to determine your ISP "filters all ports so you're unable to do port forwarding". If you haven't set up port forwarding, no ports are going to be open on your IP address, which doesn't necessarily mean your ISP is doing anything.
To port forward, you need to log in to your router (most likely supplied to you by your ISP) and then Google "how to set up port forwarding on <router name/make/model>". For example, for the SuperHub 3:
https://www.google.co.uk/search?q=How+to+set+up+port+forwarding+on+the+SuperHub+3
What port(s) you forward to your Ubuntu 18.04 server to access OpenVPN will depend on how you set up OpenVPN. If you used the default OpenVPN server configuration, you'll have to forward UDP port 1994 to the IP address of your Ubuntu 18.04 server.
You can find out what port OpenVPN is running on by running:
$ sudo ss -plntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 21504 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=12))
udp UNCONN 768 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=831,fd=7))
tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=852,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=852,fd=4))
From the above it can be seen that OpenVPN is using UDP port 1194 (in this particular case).
answered May 26 at 19:48
Andy Turfer
653510
I don't trust the method you used to determine your ISP "filters all ports so you're unable to do port forwarding". If you haven't set up port forwarding, no ports are going to be open on your IP address, which doesn't necessarily mean your ISP is doing anything.
To port forward, you need to log in to your router (most likely supplied to you by your ISP) and then Google "how to set up port forwarding on <router name/make/model>". For example, for the SuperHub 3:
https://www.google.co.uk/search?q=How+to+set+up+port+forwarding+on+the+SuperHub+3
What port(s) you forward to your Ubuntu 18.04 server to access OpenVPN will depend on how you set up OpenVPN. If you used the default OpenVPN server configuration, you'll have to forward UDP port 1994 to the IP address of your Ubuntu 18.04 server.
You can find out what port OpenVPN is running on by running:
$ sudo ss -plntu
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 21504 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=12))
udp UNCONN 768 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=831,fd=7))
tcp LISTEN 0 128 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=603,fd=13))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=852,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=852,fd=4))
From the above it can be seen that OpenVPN is using UDP port 1194 (in this particular case).
answered May 26 at 19:48
Andy Turfer
653510
answered May 26 at 19:48
Andy Turfer
653510
answered May 26 at 19:48
Andy Turfer
653510
answered May 26 at 19:48
Andy Turfer
653510
653510
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
add a comment |Â
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
i already tried port forwarding in my router.
– Harrish Kumar
May 27 at 11:10
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
Did you use nmap to scan your IP address after you had set up port forwarding?
– Andy Turfer
May 31 at 22:46
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
yes, i do nmap scan
– Harrish Kumar
Jun 2 at 18:40
add a comment |Â
up vote
0
down vote
The method you used for testing your ports is not an indication that they are blocked by your ISP.
First, attach an application to listen on the port you want to test. You can do this with netcat from the repository.
$ sudo apt install netcat
Now run this command to test the port you want to verify is not being blocked by your ISP. In this example I'll use the default openvpn port 1194.
$ netcat -l 1194
There are a number of ways that you can test it. You can test it with this website IP address from your phone with wifi turned off so that you will be coming from the outside.
http://yourpublicipaddess:1194
When you access it from the web you will see activity on your screen when the web browser queries it.
You can also use a web tool such as Open Port Check.
Answer the prompt for the port you want to check, then click the Check Port button.
You can use this command to see which ports you have opened (you have a service connected to):
$ netstat -tulnp | grep "LISTEN"
The output will include something similar to this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1729 0.0.0.0:* LISTEN -
tcp 1 0 0.0.0.0:1194 0.0.0.0:* LISTEN 5454/netcat
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 3851/adb
tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 4884/chrome
Be sure to use your router's manual for its proper port forwarding configuration.
A quick method to have all traffic directed to your local computer's IP (something for a quick test... could be a serious security issue if left on)
Temporarily turn on Application and Gaming DMZ. Then run the port test described above.
You have those options for having access to your LAN from the outside. If those fail, you would have to communicate with your ISP to unblock the ports you want to use.
Note:
It might be something that happens at times, but I have never seen it, and can't imagine an ISP blocking all ports to their clients. They may block some ports such as port 25 to protect their clients from virus vulnerabilities. Some also block ports that are commonly used for heavy traffic file sharing (often used for pirating software). They often block port 80 to prevent their customers from running heavy traffic web servers. I kind of gave you the wrong port to test in the comments.
You shouldn't find any problems finding an unblocked port using the method above.
answered May 27 at 13:44
L. D. James
17.3k43077
add a comment |Â
up vote
0
down vote
The method you used for testing your ports is not an indication that they are blocked by your ISP.
First, attach an application to listen on the port you want to test. You can do this with netcat from the repository.
$ sudo apt install netcat
Now run this command to test the port you want to verify is not being blocked by your ISP. In this example I'll use the default openvpn port 1194.
$ netcat -l 1194
There are a number of ways that you can test it. You can test it with this website IP address from your phone with wifi turned off so that you will be coming from the outside.
http://yourpublicipaddess:1194
When you access it from the web you will see activity on your screen when the web browser queries it.
You can also use a web tool such as Open Port Check.
Answer the prompt for the port you want to check, then click the Check Port button.
You can use this command to see which ports you have opened (you have a service connected to):
$ netstat -tulnp | grep "LISTEN"
The output will include something similar to this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1729 0.0.0.0:* LISTEN -
tcp 1 0 0.0.0.0:1194 0.0.0.0:* LISTEN 5454/netcat
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 3851/adb
tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 4884/chrome
Be sure to use your router's manual for its proper port forwarding configuration.
A quick method to have all traffic directed to your local computer's IP (something for a quick test... could be a serious security issue if left on)
Temporarily turn on Application and Gaming DMZ. Then run the port test described above.
You have those options for having access to your LAN from the outside. If those fail, you would have to communicate with your ISP to unblock the ports you want to use.
Note:
It might be something that happens at times, but I have never seen it, and can't imagine an ISP blocking all ports to their clients. They may block some ports such as port 25 to protect their clients from virus vulnerabilities. Some also block ports that are commonly used for heavy traffic file sharing (often used for pirating software). They often block port 80 to prevent their customers from running heavy traffic web servers. I kind of gave you the wrong port to test in the comments.
You shouldn't find any problems finding an unblocked port using the method above.
answered May 27 at 13:44
L. D. James
17.3k43077
add a comment |Â
up vote
0
down vote
up vote
0
down vote
The method you used for testing your ports is not an indication that they are blocked by your ISP.
First, attach an application to listen on the port you want to test. You can do this with netcat from the repository.
$ sudo apt install netcat
Now run this command to test the port you want to verify is not being blocked by your ISP. In this example I'll use the default openvpn port 1194.
$ netcat -l 1194
There are a number of ways that you can test it. You can test it with this website IP address from your phone with wifi turned off so that you will be coming from the outside.
http://yourpublicipaddess:1194
When you access it from the web you will see activity on your screen when the web browser queries it.
You can also use a web tool such as Open Port Check.
Answer the prompt for the port you want to check, then click the Check Port button.
You can use this command to see which ports you have opened (you have a service connected to):
$ netstat -tulnp | grep "LISTEN"
The output will include something similar to this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1729 0.0.0.0:* LISTEN -
tcp 1 0 0.0.0.0:1194 0.0.0.0:* LISTEN 5454/netcat
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 3851/adb
tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 4884/chrome
Be sure to use your router's manual for its proper port forwarding configuration.
A quick method to have all traffic directed to your local computer's IP (something for a quick test... could be a serious security issue if left on)
Temporarily turn on Application and Gaming DMZ. Then run the port test described above.
You have those options for having access to your LAN from the outside. If those fail, you would have to communicate with your ISP to unblock the ports you want to use.
Note:
It might be something that happens at times, but I have never seen it, and can't imagine an ISP blocking all ports to their clients. They may block some ports such as port 25 to protect their clients from virus vulnerabilities. Some also block ports that are commonly used for heavy traffic file sharing (often used for pirating software). They often block port 80 to prevent their customers from running heavy traffic web servers. I kind of gave you the wrong port to test in the comments.
You shouldn't find any problems finding an unblocked port using the method above.
answered May 27 at 13:44
L. D. James
17.3k43077
The method you used for testing your ports is not an indication that they are blocked by your ISP.
First, attach an application to listen on the port you want to test. You can do this with netcat from the repository.
$ sudo apt install netcat
Now run this command to test the port you want to verify is not being blocked by your ISP. In this example I'll use the default openvpn port 1194.
$ netcat -l 1194
There are a number of ways that you can test it. You can test it with this website IP address from your phone with wifi turned off so that you will be coming from the outside.
http://yourpublicipaddess:1194
When you access it from the web you will see activity on your screen when the web browser queries it.
You can also use a web tool such as Open Port Check.
Answer the prompt for the port you want to check, then click the Check Port button.
You can use this command to see which ports you have opened (you have a service connected to):
$ netstat -tulnp | grep "LISTEN"
The output will include something similar to this:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:1729 0.0.0.0:* LISTEN -
tcp 1 0 0.0.0.0:1194 0.0.0.0:* LISTEN 5454/netcat
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5037 0.0.0.0:* LISTEN 3851/adb
tcp 0 0 0.0.0.0:32400 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:32401 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:5556 0.0.0.0:* LISTEN 4884/chrome
Be sure to use your router's manual for its proper port forwarding configuration.
A quick method to have all traffic directed to your local computer's IP (something for a quick test... could be a serious security issue if left on)
Temporarily turn on Application and Gaming DMZ. Then run the port test described above.
You have those options for having access to your LAN from the outside. If those fail, you would have to communicate with your ISP to unblock the ports you want to use.
Note:
It might be something that happens at times, but I have never seen it, and can't imagine an ISP blocking all ports to their clients. They may block some ports such as port 25 to protect their clients from virus vulnerabilities. Some also block ports that are commonly used for heavy traffic file sharing (often used for pirating software). They often block port 80 to prevent their customers from running heavy traffic web servers. I kind of gave you the wrong port to test in the comments.
You shouldn't find any problems finding an unblocked port using the method above.
answered May 27 at 13:44
L. D. James
17.3k43077
answered May 27 at 13:44
L. D. James
17.3k43077
answered May 27 at 13:44
L. D. James
17.3k43077
answered May 27 at 13:44
L. D. James
17.3k43077
17.3k43077
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1040671%2fhow-to-access-openvpn-outside-my-lan%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
var $window = $(window),
onScroll = function(e)
var $elem = $('.new-login-left'),
docViewTop = $window.scrollTop(),
docViewBottom = docViewTop + $window.height(),
elemTop = $elem.offset().top,
elemBottom = elemTop + $elem.height();
if ((docViewTop elemBottom))
StackExchange.using('gps', function() StackExchange.gps.track('embedded_signup_form.view', location: 'question_page' ); );
$window.unbind('scroll', onScroll);
;
$window.on('scroll', onScroll);
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
All your ports are not filtered. Your port 80 isn't blocked otherwise you wouldn't be able to properly use the web. What did you to "scan" your ports?
– L. D. James
May 26 at 19:17
@L.D.James nmap -sA -PnO -p 80 my_public_IP
– Harrish Kumar
May 26 at 19:23