Hey y’all
I’ve been working on setting up an OpenVPN access server on my home lab server. After troubleshooting for hours, I finally got it set up and could access my VPN from my phone while I was on my home network. However, I noticed that my VPN client refuses to work on my phone when I’m on a different network other than my own. I thought this was an issue with the client addressing a local address that didn’t exist on a different network, so I attempted to port forward the client access portal on my home network on port 943 just to see if it would work, and it did not.
I’ve read online and some people claim issues with a firewall or with TCP/UDP connections being blocked depending on the protocol used, but I have no clue where to start or how to even approach this problem. I am not well versed in firewalls, so if anyone has some answers for me, it would be greatly appreciated!
Misc. Info:
Server: Linux Mint VM running under Proxmox 7.0-11.
Port forward ports 1194 and 943 to start. It’s not just about the home access portal. 1194 is the default UDP tunnel port, which may be what it’s looking for.
This is 100% going to be either a port forwarding and/or IP misconfiguration. Sounds like you’re on the right track. Don’t share your public IP, but ensure that your phone is truly trying to reach out to your public IPv4 address, and not your local address. In the OpenVPN app, you can edit the profile and enter a “server override”. Ensure that points to your public IP. (Side note: on some routers this may prevent you from connecting from your LAN. This really isn’t an issue since there’s no need for a VPN in the LAN really… this will really only help with troubleshooting.) If the server override works, then update your profile to have the public IP.
According to the OpenVPN AS Sysadmin Guide located here, try port forwarding ports 443, 1194, and 943. Also double check your “hostname” configuration in the Admin Web UI and make sure it is pointing to your public IP or a DDNS that is set to your public IP. You can also use a domain name and set the subdomain to your public IP.
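
The check the replies describe (does the client profile point at a LAN address, and which tunnel ports must the router forward?) can be run against a downloaded `.ovpn` profile. The script below is an added example, not part of any post in this thread; the sample profile, its addresses, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample profile; addresses are placeholders, not from the thread.
SAMPLE_PROFILE = """\
client
dev tun
proto udp
remote 192.168.1.50 1194 udp
remote 192.168.1.50 443 tcp
remote vpn.example.net 1194
# remote 10.0.0.5 1194 udp
remote 203.0.113.10
"""

# Ranges that only make sense inside the LAN or on the host itself.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def parse_remotes(text):
    """Return [(host, port, proto)] from the `remote` lines of a profile."""
    rows = [l.split() for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith(("#", ";"))]
    # Profile-wide defaults; OpenVPN falls back to 1194/udp if none are set.
    port = next((r[1] for r in rows if r[0] == "port" and len(r) > 1), "1194")
    proto = next((r[1] for r in rows if r[0] == "proto" and len(r) > 1), "udp")
    remotes = []
    for r in rows:
        if r[0] == "remote" and len(r) > 1:
            remotes.append((r[1], int(r[2]) if len(r) > 2 else int(port),
                            r[3] if len(r) > 3 else proto))
    return remotes

def classify(host):
    """'local' = unreachable from outside the LAN, 'public', or 'hostname'."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"  # must resolve to the public IP (e.g. via DDNS)
    return "local" if any(ip in n for n in LOCAL_NETS) else "public"

def audit(text):
    """Return (LAN-only remotes, tunnel port/proto pairs the router must forward)."""
    remotes = parse_remotes(text)
    bad = [r for r in remotes if classify(r[0]) == "local"]
    forwards = sorted({(p, proto) for _, p, proto in remotes})
    return bad, forwards

if __name__ == "__main__":
    bad, forwards = audit(SAMPLE_PROFILE)
    for host, port, proto in bad:
        print(f"LAN-only remote: {host} {port}/{proto}")
    print("forward on router:", forwards)
```

The forward list covers only the tunnel ports named in the profile; the web portal on port 943 is not listed in a profile and has to be forwarded separately if it should be reachable from outside.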