yes i know all that, this is just for testing purpose, the final it wiil be udp and then tcp.
good point about 80 tcp,and yes i will use 443 tcp wich is more likely not to be intercepted my question is why is not function the fallback mechanism from the cfg file, in my case the client continously use only port 80 tcp even if this port is DROP or REJECT with iptables on openvpn server. and also if i have two different openservers listen on the same port lets say 1194 udp, when the first is down, it will not jump on the second one. remote X 1194 remote Y 1194 when i click connect every time is going to the first and not jump to the secondone, i tested also with randome declaration, but even with random is not a solutions depends on wich one is take first. a solution is of course with two separate configs, but not all users have technical skills and for ordinary people is hard to explain: if first is not working try second.what if you have 4 servers and 4 ports? now we are doing round robin DNS fallback with two servers and two ports(udp, tcp). and yes i have a server which know listens on 1194-udp and 80-tcp. Thanks for the answers. > On 21 Oct 2015, at 02:45, Jason Haar <jason_h...@trimble.com> wrote: > > On 21/10/15 09:49, debbie...@gmail.com wrote: >> NOTE: Just because you specify HTTP port 80 does not mean an intervening >> firewall is not capable of detecting a NON HTTP protocol and blocking you >> anyway. > I agree - in fact I'd suggest NEVER use tcp/80 and instead use tcp/443 - > as that's just as likely to be open and you are less likely to hit a > transparent proxy > > Also, you had tcp/80 first and then udp/1194 - which I think is the > opposite order to what you wanted? ie openvpn works from the top of the > config downwards > > -- > Cheers > > Jason Haar > Corporate Information Security Manager, Trimble Navigation Ltd. > Phone: +1 408 481 8171 > PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 > > > ------------------------------------------------------------------------------ > _______________________________________________ > Openvpn-users mailing list > Openvpn-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-users ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
