OpenConnect Server on Brume, Client on Beryl?

Hello,

Is it possible to run OpenConnect Server on Brume (at home) and then connect to it when traveling via Beryl?

I’m about to go on a cruise which supposedly blocks all VPN connections, but folks with Cisco VPN endpoints were able to connect successfully.

It may be easier to change the preinstalled OpenVPN Server and Client to use Port 443, instead of the default Port 1194. OpenConnect and AnyConnect use the universal Port 443 by default, so they avoid blocking of other VPN ports.

Make sure you are not running another webserver or service on TCP Port 443.

I do not work for and I do not have formal association with GL.iNet

Thanks…
I’d tried that - but Brume won’t start the server with port 443 - says it’s in use.

But - there was a long thread somewhere where basically any attempts of getting OpenVPN running had failed. :(

The same port 443 conflict would probably happen with OpenConnect because it uses the same port.

Port 443 is already used by lighttpd, which can be changed to 444 by editing /etc/lighttpd/conf.d/30-openssl.conf. Unfortunately, OpenVPN server will still not start because there is a check on Port 443 hard-coded in the /etc/init.d/vpn-service script, as described in this thread:

You can work around the problem by editing that script to remove the check and also editing /etc/config/vpn_service to change enabled = 1, then running /etc/init.d/vpn-service start.

If your Brume is behind an ISP router, then another option is to port forward the ISP router WAN Port 443 to the Brume at Port 1194.

I do not work for and I do not have formal association with GL.iNet

1 Like
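Added example, not part of the original posts and not GL.iNet code: a small shell check that reports which program is listening on a TCP port, so the Port 443 conflict can be confirmed before moving lighttpd and again afterwards. The netstat text is a constructed sample, and the function names and the program name `exampled` are made up for illustration.

```shell
#!/bin/sh
# Constructed sample of `netstat -tlnp` output (not captured from a real Brume).
SAMPLE_NETSTAT='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1501/lighttpd
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      1501/lighttpd
tcp        0      0 :::443                  :::*                    LISTEN      1501/lighttpd
tcp        0      0 0.0.0.0:4443            0.0.0.0:*               LISTEN      1822/exampled
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -'

# port_owners PORT
# Reads netstat -tlnp style text on stdin and prints each distinct program
# that has a TCP listener on exactly PORT (443 must not match 4443).
port_owners() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")            # port is the last ":" field, IPv4 or IPv6
            if (a[n] == port) {
                prog = $7
                sub(/^[0-9]+\//, "", prog)   # drop the leading "PID/"
                if (prog == "" || prog == "-") prog = "unknown"   # no -p info (not root)
                if (!seen[prog]++) print prog
            }
        }'
}

# port_is_free PORT NETSTAT_TEXT
# Succeeds only when nothing in NETSTAT_TEXT listens on TCP PORT.
port_is_free() {
    [ -z "$(printf '%s\n' "$2" | port_owners "$1")" ]
}

# Demo on the constructed sample: 443 is taken by lighttpd, 444 is free.
for p in 443 444; do
    if port_is_free "$p" "$SAMPLE_NETSTAT"; then
        echo "TCP $p: free"
    else
        echo "TCP $p: in use by $(printf '%s\n' "$SAMPLE_NETSTAT" | port_owners "$p" | tr '\n' ' ')"
    fi
done
```

On the router itself, `netstat -tlnp | port_owners 443` runs the same check against live output.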

I am not smart - and am glad there are smart people in the world like you to help the less fortunate of us.

I was able to find the thread where they said what works and what doesn’t. So this might not help me anyway.

Here's the list of VPN connection types that would NOT connect while using VOOM internet on board RCI's Harmony of the Seas:

PPTP (default port)
L2TP/IPSEC (Sonicwall Global VPN Client using default ports)
SSL VPN (OpenVPN using UDP protocol, default port 1194, no TLS key authentication) 
SSL VPN (OpenVPN using UDP protocol, non-standard port, no TLS key authentication) 
SSL VPN (OpenVPN using UDP protocol, port 443, no TLS key authentication) 
SSL VPN (OpenVPN using TCP protocol, default port 1194, no TLS key authentication) 
SSL VPN (OpenVPN using TCP protocol, non-standard port, no TLS key authentication) 
SSL VPN (OpenVPN using TCP protocol, port 443, no TLS key authentication) 
SSL VPN (OpenVPN using UDP protocol, default port 1194, TLS Direction = Encryption) 
SSL VPN (OpenVPN using UDP protocol, non-standard port, TLS Direction = Encryption) 
SSL VPN (OpenVPN using UDP protocol, port 443, TLS Direction = Encryption) 
SSL VPN (OpenVPN using TCP protocol, default port 1194, TLS Direction = Encryption) 
SSL VPN (OpenVPN using TCP protocol, non-standard port, TLS Direction = Encryption) 
SSL VPN (OpenVPN using TCP protocol, port 443, TLS Direction = Encryption) 

Here's what would actually connect:

SSL VPN tunneled through an SSH connection (OpenVPN using TCP protocol - port utilized and existence of a TLS key were unimportant)

From: VPN - Page 2 - Royal Caribbean Discussion - Royal Caribbean Blog

1 Like