On 07/10/13 04:07, Luis Daniel Lucio Quiroz wrote: > Port 53/udp is risqui since I have found some ISP's block udp packages > logner than 512 bytes > moving to port 443/tcp it seems to be most easy, since they will only > see TLS negotiation, I think that's the best bet too - but to be precise, openvpn doesn't do standard TLS negotiation (at least if you are using tls-auth as you should be) - so some layer7 firewalls could potentially even block openvpn on tcp port 443 - however, most don't :-)
-- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users