OpenVPN portshare not working correct

Discussion in 'ISPConfig 3 Priority Support' started by g00fy, May 1, 2013.

  1. g00fy

    g00fy New Member


    I setup a new server with ISPCONFIG and setup the nginx webserver. I changed the port nginx listening on for ssl connections to 44334 and setup openvpn with the port-share option to listen on 443 for incoming connections and redirect it to nginx when it is https traffic.
    This works well on a server without ISPConfig, but on this server it always connects to the first enabled virtual server that is listening on port 44334. and not to the website the browser is asking for.

    Is there something in this setup that is preventing using the port-share option of openvpn?
  2. falko

    falko Super Moderator ISPConfig Developer

    I guess OpenVPN isn't forwarding the requested hostname to the web server.
  3. g00fy

    g00fy New Member

    It seems it doesn't have anything to do with openvpn after all. Sorry for this.

    What is happening is when you connect to a website that wasn't configured to use ssl, but try to connect via https://, it connects to the first vhost that is configured to use ssl.
    May be this is by design, but I would like it more to get no connection at all (or maybe a page saying there is no website on this url).
    Would something like this be posiible?
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Thats ok and the default behaviour of webservers. If a vhost is requested that does not exist, the first vhost on the saem IP is shown.

    Add a default vhost which has ssl enabled by ading a site with the domain "000default.tld".It does not matter that the domain exists, it just ahs to be the first in alphabetical order on your servers. Or you ensure that ssl websites do not share the IP address with other sites.

Share This Page