Open ports on open client vpnI

[bobpow]

I am running open client vpn using TorGuard on a new rt Ac86u router with 384.11-2. I ran nmap online port scan
and it shows tcp 22,80 and 443 as open.

I spoke to TorGuard support and they said “
Yes those are forwarded on vpn server for connection to vpn, it is not forwarded to you.”

I just want to check with the experts to see if this is normal and true
Thanks

 

[eibgrad]

I can't speak to whether that specific VPN provider opens ports on their end of the tunnel. But normally, the VPN provider has their end of the tunnel firewall'd to protect you from unsolicited inbound traffic. Not unless they provide a port forwarding service (some do, most don't) so you can remotely access your network over the VPN.

It is possible (if a bit unusual) they reserve certain ports for their own use, and port forward them to their own internal devices, NOT your end of the tunnel. I assume that's what they meant. As a result, you can get false positives sometimes w/ these online port scans, because what you're seeing is the results of hitting the provider's firewall, NOT your firewall.

I've had the same thing happen when using GRC's Shields Up. I expect all my ports to be stealthy because my own firewall (over the WAN) drops all unsolicited inbound packets. But my ISP's firewall is blocking access to specific inbound ports by closing them. So a port scan reports closed for those ports rather than stealthy.

 

[ColinTaylor]

I don't have any experience with TorGuard specifically but what they said would typically be true. What you're detecting is their servers, not yours.

 

[eibgrad]

Just as an aside, this is one of the reasons I've made the following request of Merlin, to which he has recently agreed.

https://www.snbforums.com/threads/openvpn-client-security-enhancement.56328/

I don't fully trust the VPN provider. And it's hard to tell if in fact the ports are only open to his end of the tunnel. I assume that's the case, but you can't be 100% sure. So I've requested that we at least make sure our end of the tunnel is completely secured.

 

[Butterfly Bones]

I am running open client vpn using TorGuard on a new rt Ac86u router with 384.11-2. I ran nmap online port scan
and it shows tcp 22,80 and 443 as open.

I spoke to TorGuard support and they said “
Yes those are forwarded on vpn server for connection to vpn, it is not forwarded to you.”

I just want to check with the experts to see if this is normal and true
Thanks

Sound like the same misunderstanding I had. Here is the likely reason for what you are seeing.
https://www.snbforums.com/threads/s...ted-ac-68u-merlin-380-68_4.43791/#post-371687
You might want to read the entire (short) thread.
https://www.snbforums.com/threads/server-ports-open-not-wanted-ac-68u-merlin-380-68_4.43791/

 

[bobpow]

Thank you all for your replies and especially the links explaining the issue. I believe I understand the issue now