OpenVPN / openvpn3

OpenVPN 3 is a C++ class library that implements the functionality of an OpenVPN client, and is protocol-compatible with the OpenVPN 2.x branch.
https://openvpn.net

The lport directive in config file being ignored #179

Open carvakaguru opened 2 years ago

carvakaguru commented 2 years ago

I have a config which requires the use of the lport directive, but openvpn3 as well as openvpn2 completely ignore it. The log for both shows lport as being an unused option:

2021-10-22 17:55:47 Client DEBUG: UNUSED OPTIONS
4 [resolv-retry] [infinite]
5 [lport] [58137]

I am using the OpenVPN 3/Linux v16_beta version on Ubuntu Bionic.

The same config works fine with openvpn 2.4 but it needs to run with sudo.

dsommers commented 2 years ago

Can you please elaborate why you need lport at all? Have you tried connecting without it?

carvakaguru commented 2 years ago

I am working on handling NAT Traversal out-of-band which does NAT hole punching (so that pre-allocated port forwarding is not required on the server side and in some cases not even possible to do). The mechanism I use results in the server side expecting packets from a specific IP-port combination. Hence the need for the lport directive.

This already works wonderfully in openvpn 2.4, but that requires sudo access. I thought that since openvpn3 does not need sudo access it would be perfect to upgrade to it, but without lport I am stuck using openvpn 2.x.

dsommers commented 2 years ago

Thanks! This is essentially related to a missing feature in the OpenVPN 3 Core library, so I'll move this ticket to that project.

ValdikSS commented 2 years ago

It was unfortunate to learn that OpenVPN 3 does not support lport, since I need it to circumvent NAT as well, and there's no OpenVPN 2 client on iOS.
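
The requirement described in this thread, shown at socket level as an added example (not code from OpenVPN or from any commenter): a peer that only accepts a pre-agreed source IP and port sees the expected tuple only when the client binds its UDP socket before sending, which is what `lport` asks for. The loopback address, the helper names and the kernel-chosen stand-in for a port such as 58137 are assumptions of this sketch.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: both ends run on one host for the demo

def free_udp_port():
    """Ask the kernel for an unused UDP port (stand-in for a fixed lport value)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind((LOOPBACK, 0))
        return s.getsockname()[1]

def open_client(local_port=None):
    """UDP client socket; bound to local_port when given, as lport would request."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    if local_port is not None:
        # Binding a port >= 1024 needs no elevated privileges.
        s.bind((LOOPBACK, local_port))
    return s

def accept_from_expected(server, expected):
    """Server side: read one datagram and accept it only from the agreed (ip, port)."""
    _, source = server.recvfrom(64)
    return source == expected, source[1]

def run_demo():
    agreed_port = free_udp_port()          # value negotiated out-of-band
    expected = (LOOPBACK, agreed_port)
    outcome = {}
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as server, \
         open_client(agreed_port) as with_lport, \
         open_client() as without_lport:
        server.bind((LOOPBACK, 0))
        server.settimeout(2.0)
        dest = server.getsockname()
        clients = (("with_lport", with_lport), ("without_lport", without_lport))
        for name, client in clients:
            # An unbound socket gets an ephemeral source port on first sendto().
            client.sendto(b"probe", dest)
            outcome[name] = accept_from_expected(server, expected)
    return agreed_port, outcome

if __name__ == "__main__":
    port, result = run_demo()
    print("agreed source port:", port)
    for name, (accepted, seen) in result.items():
        print(f"{name}: source port {seen}, accepted={accepted}")
```
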