Merge pull request #331 from buchdag/patch-1

Add port sharing example to tcp doc
This commit is contained in:
Kyle Manna 2017-11-23 14:03:51 -08:00 committed by GitHub
commit fd8daa133a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -29,3 +29,17 @@ This allows you to use UDP most of the time, but fall back to TCP on the rare oc
Note that you will need to configure client connections manually. At this time it is not possible to generate a client config that will automatically fall back to the TCP connection.
## Forward HTTP/HTTPS connection to another TCP port
You might run into cases where you want your OpenVPN server listening on TCP port 443 to allow connection behind a restricted network, but you already have a webserver on your host running on that port. OpenVPN has a built-in option named `port-share` that allow you to proxy incoming traffic that isn't OpenVPN protocol to another host and port.
First, change the listening port of your existing webserver (for instance from 443 to 4433).
Then initialize the data container by specifying the TCP protocol, port 443 and the port-share option:
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig \
-u tcp://VPN.SERVERNAME.COM:443 \
-e 'port-share VPN.SERVERNAME.COM 4433'
Then proceed to initialize the pki, create your users and start the container as usual.
This will proxy all non OpenVPN traffic incoming on TCP port 443 to TCP port 4433 on the same host. This is currently only designed to work with HTTP or HTTPS protocol.