what i’m trying to do is make it so if my vpn connection drops my internet will cut off. so a kill switch, my problem is i’m trying to find what port openvpn is using but with netstat -l i don’t see anything about openvpn
Port 1194 possibly.
any suggestions to verify this, i can always set that as my port in my script and if it doesn’t drop my connection then we know it must be something else.
sudo netstat -uapn | grep openvpn
Better to check in your openvpn config script, where the remote server’s IP address is defined (possibly with the remote port). If not set, I believe the default is port 1194.
Since the default is usually UDP/1194 (though often changed), there’s no TCP socket to see in netstat, though netstat can still show TCP sockets that pass through the vpn tunnel, which will very likely have a local IP address of 10.x.x.x,
Doesn’t that give the listening port?
user@dl:/etc/openvpn$ sudo netstat -uapn | grep openvpn
udp 0 0 0.0.0.0:44329 0.0.0.0:* 576/openvpn
I’ve got:
udp 0 0 192.168.1.102:1194 0.0.0.0:* 945/openvpn
yeah i seemed to get the same thing
udp 0 0 0.0.0.0:54940 0.0.0.0:* 253/openvpn
i have it in my config files to use udp and port 443, i was hoping to be able to verify that it was using it
You’re runnung a vpn server, right?
Whoa, sorry, my mistake, thought it’s about server not client. Twas a long day. Sorry again.
no problem thank you for the help anyways!
Currently this is the config i’m using
client
dev tun
proto udp
port 443
remote atl-a32.ipvanish.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca '/home/vpn/ca.ipvanish.com.crt'
verify-x509-name atl-a32.ipvanish.com name
auth-user-pass /home/vpn/pass.txt
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
management localhost 1337
script-security 2
Well, if that’s what they suggest you use and it works fine, what else is there to say?
Now you’ve had your original question answered, are you ok to continue with your kill switch?
yes sir i am, just wanted to be 100% sure thank you for the help