Jump to content
Not connected, Your IP: 3.84.7.255

Recommended Posts

How should I configure Comodo for SSL and SSH?

 

What port would you recommend for SSH?

 

SSH and non-tunneled connections use the same server IPs whereas SSL doesn't, why is this?

Share this post


Link to post

Hello!

 

About OpenVPN over SSH, our servers listen to ports 22, 53 and 80 of the entry-IP address, and to port 22 of the Alternative Entry-IP address.

 

About OpenVPN over SSL, our servers listen to port 443 of the entry-IP address.

 

About OpenVPN "direct" or "over a proxy", our servers listen to ports 53, 80 and 443 both of the Entry-IP and the Alternative Entry-IP address.

 

In Comodo, for OpenVPN over SSH/SSL you need, on top of the rules described in our guide for Comodo to prevent lekas, to allow communications from "Any IP Address" to 10.50.0.0/255.255.0.0 and from 10.50.0.0/255.255.0.0 to "Any IP Address" (Comodo will display "Any IP address" as "MAC Any" in the rules).

 

There is no generally valid recommendation about which port to choose: if your ISP performs port shaping on some ports, some ports can provide better performance than others.

 

Keep in mind that OpenVPN over SSH or over SSL should be used ONLY if your ISP disrupts OpenVPN communications, because the additional SSH/SSL tunnel causes a performance hit without increasing security. OpenVPN over SSH/SSL have been implemented originally for China only, where OpenVPN connections are disrupted. The purpose of SSH/SSL is to encrypt the OpenVPN typical fingerprint, not to increase significantly the security.

 

There is no such a thing as a non-tunneled connection in our service, unless you explicitly decide to reject the pushed routes by our servers.

 

Kind regards

Share this post


Link to post

OK so I added those two rules to Comodo(I assume you only need to allow TCP), ran the batch file(I double clicked it) then ran OpenVPN but it won't connect(see attachment)?

 

I want to use SSH because I suspect my ISP throttles OpenVPN.

Share this post


Link to post

@fasi72

 

Hello,

 

there's no attachment in your message, can you please try again? Also, what is your OS, and which server are you trying to connect over SSH?

 

Kind regards

Share this post


Link to post

Hello,

 

it seems that Putty is either not running or not listening to port 1412. Can you please make sure that you execute the script file (the .bat file) from a command prompt? Also, can you please send us the output?

 

Kind regards

Share this post


Link to post

Hello!

 

Apparently you did not paste all the files generated by the Configuration Generator in your command line current working directory, in particular plink.exe, can you please check?

 

Kind regards

Share this post


Link to post

OK it seems to be working now thanks, but

 

Would you recommend SSL or SSH?

 

Should I enter the all the different SSL server IPs into Comodo?

Share this post


Link to post

OK it seems to be working now thanks, but

 

Would you recommend SSL or SSH?

 

Hello,

 

assuming that your ISP throttles SSL and SSH in the same way, SSH implementation is generally more efficient.

 

 

Should I enter the all the different SSL server IPs into Comodo?

 

Yes, you need to authorize communications with all the entry-IP addresses of the VPN servers you wish to connect to, as usual.

 

Kind regards

Share this post


Link to post

OK I'll go with SSH then to save entering all those IPs, but I've got two new problems:

 

Only the AirVPN site works

 

Some of the .bat files don't work(see attachment)

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...