> > The iptables suggestion is good. But unfortunately it > > won't work in my scenario. What I want to achieve is to > > bind OpenVPN on TCP 443 over two WAN interfaces and Apache > > on TCP 443 over two LAN interfaces (for management traffic). > > It should still be possible to use iptables to achieve > this, although you would need to mess about with DNAT to > another port, kind of ugly. > > How about using ovpn's port sharing?
I am already using "--port-share". Want to avoid it as it induces one Proxy point in the flow. As mentioned above - have cleanly separated flows for LAN and WAN ports - so port-share looks like an overhead. Regards, Keyur