The default port and protocol for OpenVPN is UDP/1194.
Some server admins may block port 1194, so to get around this we can set OpenVPN to listen on port 443 instead. Port 443 is the default for HTTPS traffic, so there is little chance it will be blocked.
To install OpenVPN on CentOS I recommend using this guide: https://www.digitalocean.com/community/tutorials/how-to-setup-and-configure-an-openvpn-server-on-centos-7
If you are running a web server, the chances are nginx/apache is already listening on port 443, and we can't have more than one application binding to the same port. One solution is to get nginx/apache to listen for HTTPS traffic on another port (e.g. 22443) and get OpenVPN to listen on port 443, forwarding any traffic that is not OpenVPN to port 22443.
First change the listen port for your web server (apache):
sudo vi /etc/httpd/conf/httpd.conf
Modify the mod_ssl Listen directive (you can choose any unused port number):
<IfModule mod_ssl.c>
    Listen 22443
</IfModule>
Check if port 443 is used in other config files and replace accordingly:
sudo grep '443' -r /etc/httpd/*
Modify OpenVPN server.conf:
sudo vi /etc/openvpn/server.conf
Change protocol to tcp, port 1194 to 443 and add a port-share for 22443 (your new web server port for HTTPS):
proto tcp
port 443
port-share 127.0.0.1 22443
You will also have to change your ovpn config file to use the new settings:
client
dev tun
proto tcp
remote your_server_ip 443
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca /path/to/ca.crt
cert /path/to/client.crt
key /path/to/client.key
Finally restart your web server and then OpenVPN (the web server has to release port 443 before OpenVPN can bind to it):
sudo systemctl restart httpd
sudo systemctl restart openvpn@server.service
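Before restarting, it is worth checking that the two configs agree, because a port-share target that does not match the web server's Listen port silently breaks HTTPS. The script below is an added example, not part of the original guide; the function names ovpn_arg and check_port_share are hypothetical, and it assumes the Apache config uses plain Listen directives as shown above.

```shell
#!/bin/sh
# Added example: consistency check for the OpenVPN + httpd port-share setup.
# Function names are hypothetical; pass the config paths used on this page.

# Print the n-th argument of a directive in an OpenVPN config file.
# Commented-out lines (# or ;) never match because their first field differs.
ovpn_arg() {  # usage: ovpn_arg <file> <directive> <n>
    awk -v d="$2" -v n="$3" '$1 == d { print $(n + 1); exit }' "$1"
}

# Succeed only if httpd has a Listen directive for the given port.
httpd_listens_on() {  # usage: httpd_listens_on <httpd conf file or dir> <port>
    grep -rEiq "^[[:space:]]*Listen[[:space:]]+([^[:space:]]*:)?$2([[:space:]]|\$)" "$1"
}

# Return 0 if server.conf hands non-VPN traffic to a port httpd really uses.
check_port_share() {  # usage: check_port_share <server.conf> <httpd conf file or dir>
    local proto port share_port
    proto=$(ovpn_arg "$1" proto 1)
    port=$(ovpn_arg "$1" port 1)
    share_port=$(ovpn_arg "$1" port-share 2)

    # port-share is only available when OpenVPN itself runs over TCP
    case $proto in
        tcp*) ;;
        *) echo "FAIL: proto is '$proto', port-share needs tcp"; return 1 ;;
    esac
    [ "$port" = 443 ] || { echo "FAIL: OpenVPN port is '$port', expected 443"; return 1; }
    [ -n "$share_port" ] || { echo "FAIL: no port-share directive"; return 1; }
    [ "$share_port" != "$port" ] || { echo "FAIL: port-share points back at OpenVPN"; return 1; }

    # httpd must have given up 443 and must listen on the shared port
    if httpd_listens_on "$2" "$port"; then
        echo "FAIL: httpd still has Listen $port"; return 1
    fi
    if ! httpd_listens_on "$2" "$share_port"; then
        echo "FAIL: port-share targets $share_port but httpd has no matching Listen"; return 1
    fi
    echo "OK: OpenVPN tcp/$port shares with httpd on $share_port"
}

# Run directly as: sh check.sh /etc/openvpn/server.conf /etc/httpd
if [ "$#" -eq 2 ]; then check_port_share "$1" "$2"; fi
```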