Hi to all,
Having recently installed and configured Jack Yaz's excellent YazFi to take advantage of the discrete subnet provisions offered, I was able to assign a given subnet to specific devices along with an appropriate OpenVPN Client instance configured to use specified ExpressVPN remote servers to satisfy individual requirements. Unfortunately, as I am very much a novice in such matters, I have encountered an unforeseen obstacle, namely a UDP Port conflict!
Accordingly, I would very much appreciate some guidance in respect of simultaneous operation of more than one instance of configured OpenVPN clients (specifically with ExpressVPN as provider) whilst avoiding policy rule conflicts arising from the default UDP port (in this case 1195) configured through the respective OpenVPN file for each ExpressVPN remote server instance. I am aware that it is possible to configure one of the OpenVPN clients as TCP and therefore to simultaneously utilise the default TCP Port but this is limited to only one further instance and is far from optimal.
As I was unable to identify specific guidance from their web support in respect of port provision in regard to the OpenVPN settings configured under Asus Merlin I contacted their support team for advice. My query noted that whilst there was no specific guidance an article entitled "Failure to connect VPN" referred to 'granting an exception to ExpressVPN or to UDP ports 1194-1204' which I felt showed some related significance and suggested that this indicated a 'spread' of available UDP ports thus enquiring whether this was the case and also confirmation that port re-assignment was possible and if so how I should amend the OpenVPN file.
Somewhat disappointingly I received the following reply: "Sorry, but the port number of our OpenVPN server locations cannot be altered, adjusting or opening specific ports is a potential security risk, that's why it's currently not supported. When you configure ExpressVPN on your devices, the ports will be assigned automatically." I remain unclear as to why (presumably in the case of apps) that the firewall should require exceptions granting to UDP ports "1194-1204" if this range were not provided for connections?? Perhaps those more familiar with the nuances of ExpressVPN could venture an explanation!
Obviously, I have no reason to doubt the accuracy of the advice received from ExpressVPN support (although misunderstandings can, and no doubt have in the past, occurred!) so I am rather hoping that the resident experts here might be able to suggest an alternate means by which the required simultaneous OpenVPN client instances can be accomplished without policy rule conflicts arising.
Thank you in advance for your assistance.
PC Pilot