How to run OpenVpn and a webserver (Apache, Nginx, Cherokee, etc) in the same port

HowTosysadmin

http://i2.wp.com/www.hotforsecurity.com/wp-content/uploads/2012/10/The-New-York-Times-Website-Blocked-in-China-1.jpg?w=645

If you have ever used OpenVpn you know that a lot of filtered network do not allow to connect to other ports rather than 80 and 443 TCP. If you have your OpenVpn server in the same machine alongside with a Webserver this may be a problem because you want to use port 80 and 443 for your webserver and also the openvpn.

OpenVpn developers are smart people and they knew that this situation is not so odd so they invented a special option to deal with it. Thanks the article at raniersblog.org I found the port-share option that just redirect all the packets that are not vpn ones to another host:port pair. This allows to run your webserver in a different port, let’s say 8443 and make OpenVpn run on the 443 TCP. If packets are not for the vpn they will get redirected to the 8443.

To do so just configure your webserver to listen to port 8443 and add this configuration to the openvpn configuration file (usually /etc/openvpn/server.conf):

proto tcp
port 443
port-share 127.0.0.1 8443

Then restart openvpn and your webserver and you should be all set.

Previous
Python Bunch object or How to make dictionaries act like objects
Next
Openelec vs Raspbmc vs Xbian

Leave a Reply

%d bloggers like this: