Networking Help

Factual Questions
1

Hi all, not sure if there’s a solution, but here’s what I’ve learned and what the problem is.

My ISP out here on the boat I’m on has an extremely restrictive firewall. In order for me to have any internet access at all I have to go through a proxy. When I am not connected to a proxy, I can still ping places like www.google.com, but webpages won’t resolve inside a browser.

Through a ton of tinkering and figuring things out, we found that port 23 is open to both inbound and outbound traffic, and that’s about it. We can’t find any other ports open both ways. My boyfriend set up a proxy on his server set to port 23 and I’m connected to it, and it works for browsing.

However, any applications on my computer that try to communicate through any other ports fail miserably. He has control over which ports he can open on his server/proxy of course, but I have no control over which ports I can open on my end.

Is there any way I can get other applications to route through port 23? Like some software I can download that will redirect all outbound traffic from port XYZ to port 23? And if this does exist, would it even work, if say, the server that the application is trying to connect with doesn’t accept incoming traffic on port 23?

Is there anything that could be done on the proxy to alleviate our problems?

Is there any other solution, such as setting up an SSH Tunnel or VPN or something like that, that would allow me to use more than just port 23 on my end (obviously it’d all really be going through port 23 but the applications wouldn’t know it).

Any and all information on networking, ports, firewalls, proxies, etc would be greatly appreciated. Thanks in advance!

2

Probably the easiest thing you can do is set up a VPN server on port 23 and configure it so that all traffic goes through the VPN once connected (as opposed to “split tunnel”). This has the added benefit that everything you do is encrypted and can’t be monitored by shady ISP’s.

There are free ones available. Check out openVPN AS, you get two licenses (i.e., two concurrent logins) for free, but more than that you have to pay per user. But it doesn’t sound like you need more than one.

3

Thanks so much arseNal. I’ve never actually set up a VPN before. If you have some free time and wouldn’t mind giving me some pointers on how to set it up, using openVPN, I’d appreciate it. I’m gonna start downloading the software now. Thanks again!

4

Oh, i thought it’d be your bf setting it up, since if he set up a proxy on port 23 (and had the idea to in the first place) then he must know a little something about setting up server software.

Setting up a VPN server normally isn’t really something for a layperson (not sure exactly how tech savvy you are), but, there are many ways to do this so one of them is bound to be doable by you.

What operating system is running on the computer that is intended to be the server (I suppose it’s the server that’s currently running the proxy your bf set up)? If it’s windows, then my first thought would be to install VMWare workstation, which is very easy to install – it comes as a windows installer package. Then, download the ready-made virtual machine from openVPN and just fire it up with VMWare workstation. In the virtual machine, you will probably have to do a little bit of network configuration (in linux). That’s pretty much all there is to it.

For a reasonably experienced person this whole setup could take probably under an hour. If you’re not too sure of what you’re doing it would obviously take somewhat longer.

Anyways, VMWare workstation download.

openVPN AS Virtual Appliance.

This is all assuming you really want to set up your own server and not try to use some kind of service where they already have it set up and you just connect to it. When I was checking out their site just now I noticed openVPN offers or is partnered with some service called Private Tunnel. This would probably do what you want and wouldn’t take hardly any work at all. But I don’t know what the cost structure is; I kind of doubt you would get what you need for free indefinitely. What you want to do isn’t exactly a mundane thing that is very readily available.

5

Yeah he’d be setting up the server (the one running the proxy) as the VPN server. It runs linux, not sure what version/distro.

I gave the private tunnel thing a try off of openVPN’s website, but sadly the servers they have set up do not seem to support port 23, so me and my bf will have to set one up ourselves.

He hasn’t ever set up a VPN server before, but we’re both pretty smart and could probably figure it out if we had a guide or something, or just some basic instructions. He did set up the proxy so hopefully setting up the VPN won’t be too much trouble.

On my end (the client), what will I need to do? I don’t see any configuration options, or a tools menu, or anything in the openVPN client. I’m assuming there are some configuration files somewhere in the program directory but I am not sure what exactly I’m looking for. I’m running windows 7 64bit on my end if it makes any difference.

In fact, I don’t even see an option for the server IP address or port >_<

6

Oh, you’re already using linux. In that case, an alternative to using the VMWare appliance is to install the openVPN software directly in linux. But the advantage of using a virtual machine is that 95% of the setup is done for you and you just launch the VM. (VMWare workstation is available for linux as well, but I’ve never used it, only VMWare server. And that’s a pain because it’s not updated and doesn’t play well with many distros.)

Regarding client config, there’s none! Once you get the server set up to listen on port 23, all you do is use your browser (on the client machine) and go to https://your_server_ip_address:23

Then it’s all automatic from there (you will download and run a small client (from your own server), and that’s it.)

BTW, this is known as SSL VPN, as opposed to the kind of VPN you’re probably used to where you download a fat vpn client and install it on the client machine. SSL VPN is much easier to use (especially from the client perspective).

7

thanks again arseNal. Do you know of any online guides/resources for installing and configuring the openVPN server software in linux? Any tips or tricks from personal experience?

8

Upon further thought I think since you are already using linux, it may be easier to skip the VMWare route and just install openVPN directly in linux. It should be available as a package depending on what distro you use.

openVPN linux packages.

As for a guide, assuming you go the install-directly-into-linux route, try here, starting with “Linux Distribution: You will need to make sure you download the package that corresponds with the current OS Distro, we currently support these Linux Distros …” (That page also contains the quick guide for the vmware route.)

I actually don’t have experience doing it this way but I’m sure if you have questions about it along the way I should hopefully be able to answer them.

9

Alrighty! You’ve given us a great start. Thanks so much for everything :slight_smile:

10

No problem. Oh, one thing I need to warn you about, is that I’m not too sure if this will work for applications that require UDP. I know most if not all multiplayer games use UDP and I don’t know if games these days can be configured to work over VPN’s. Just something to think about & research if this is something you need.

11

Oh alright. Thanks for letting me know ahead of time about that. One of the main reasons we were setting this up was so I could play on our private minecraft server. But if UDP doesn’t work, I’d assume that’s out of the question.

12

It’s just something you’ll have to research for yourself, because I actually am not too clear on this point. It may very well work, maybe someone else who knows more about the udp side of things will chime in.

A quick google search does show people using VPNs for minecraft servers. But they use a VPN called hamachi. Sounds delicious.

13

Hey there arseNal! Good news! I’m happy to say that we got the VPN set up using the instructions and guidance you provided, and it’s working swimmingly well. Thank you once again!

I was even able to connect to the minecraft game and play it :smiley:

14

Glad to hear it.