FreePBX | Register | Issues | Wiki | Portal | Support

Vpn port on freepbx


(Lon Townsend) #1

So I have two phone servers with the same public IP but with different private IPs. Phone server A has the vpn server activated using 1194 for remote phones, port forwarding.
On phone server B I want to use softphones using the built in vpn server. Is there anyway to change the vpn port that phone serve B talks across.
I tried to port forward 1194 to server B but it affected server A, since server A also used 1194.
We do not use UCM devices to scan QR codes.
I hope I have explained this for easy understanding.
BTW, I have gotten softphones to work on others phone servers, but only because they only had one phone server on their network, not two. My boss has three virtual phone servers on his network. 1 hosted for remote phones, and two others for internal companies. the vpn is connected between firewalls.


#2

You can’t forward the same port to 2 different internal IPs. So you will need to use a different port, for example 1194 for A and 1195 for B, internally you can set both servers to the same port because they have different internal IPs, but since you have only one external IP, you have to use different external ports. Hope I’m being clear.


(Lon Townsend) #3

I am using the openvpn app on my phone. How do i tell it which port to find? I have used OpenVPN Connect and OpenVPN for android. Only the second one seems to let you configure the different port.


(Lorne Gaetz) #4

Changing the bind port of the OpenVPN service is not currently supported, but a requested feature here:
https://issues.freepbx.org/browse/FREEPBX-12422


(Lon Townsend) #5

I understand the different ports, on the firewall, 1194 and 1195. How do you use different external ports on the pfsense firewall??


#6

You need to create a port forward where the external port is 1195 and the internal port is 1194


(Lon Townsend) #7

so source port would be 1195, then destination address, destination port (1194), Nat IP


#8

Right


(Lon Townsend) #9

so here is what i think i need to do.

source port-> 1194
dest. address-> wan
dest. port-> 1210
Nat IP-> 192.168.x.x
Nat Ports-> 1194

Please correct me if i am wrong


#10

Let me check when I get home and get back to you.


#11

You need to create a NAT rule

Firewall-> NAT-> add

Interface: WAN (or the name of your internet facing interface)
Destination: WAN Address
Destination port range: Other 1210
Redirect Target IP: 192.168.X.X
Redirect Target Port: OpenVPN
Filter rule association: Add associated filter rule


(Lon Townsend) #12

and that won’t affect my hosted server already using 1194 on the firewall and nat’d to a different internal address?


(system) #13

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.